Description
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
The use of a non-standard algorithm is dangerous because a determined attacker may be able to break the algorithm and compromise whatever data has been protected. Well-known techniques may exist to break the algorithm.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: High
Related Weaknesses
Consequences
Confidentiality: Read Application Data
The confidentiality of sensitive data may be compromised by the use of a broken or risky cryptographic algorithm.
Integrity: Modify Application Data
The integrity of sensitive data may be compromised by the use of a broken or risky cryptographic algorithm.
Accountability, Non-Repudiation: Hide Activities
If the cryptographic algorithm is used to ensure the identity of the source of the data (such as digital signatures), then a broken algorithm will compromise this scheme and the source of the data cannot be proven.
Potential Mitigations
Phase: Architecture and Design
Description:
Phase: Architecture and Design
Effectiveness: Defense in Depth
Description:
Ensure that the design allows one cryptographic algorithm to be replaced with another in the next generation or version. Where possible, use wrappers to make the interfaces uniform. This will make it easier to upgrade to stronger algorithms. This is especially important for hardware, which can be more difficult to upgrade quickly than software.
Phase: Architecture and Design
Description:
Carefully manage and protect cryptographic keys (see CWE-320). If the keys can be guessed or stolen, then the strength of the cryptography itself is irrelevant.
Phase: Architecture and Design
Description:
Phase: Implementation, Architecture and Design
Description:
When using industry-approved techniques, use them correctly. Don’t cut corners by skipping resource-intensive steps (CWE-325). These steps are often essential for preventing common attacks.
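The mitigation advice above (algorithms that can be swapped behind a uniform wrapper, and no skipped resource-intensive steps), as an added example that is not part of the CWE entry: a password-hash store that tags every record with the scheme that produced it, so a legacy MD5 record (the weakness behind several of the CVEs listed below) can be verified one last time and then re-hashed under PBKDF2. The record format, scheme names and iteration count are assumptions chosen for this example.

```python
import hashlib
import hmac
import os
from typing import Callable, Dict, Optional, Tuple

# Each stored record is tagged with the scheme that produced it (assumed format):
#   $<scheme>$<params>$<salt hex>$<digest hex>
# The verifier dispatches on the tag, so adding a stronger scheme is one more
# table entry, and old records stay verifiable until they have been re-hashed.
PBKDF2_ITERATIONS = 600_000          # resource-intensive on purpose (CWE-325)
CURRENT_SCHEME = "pbkdf2-sha256"

def _md5_legacy(password: bytes, salt: bytes, params: str) -> bytes:
    # Broken scheme (CWE-327); kept only to verify and migrate existing records.
    return hashlib.md5(salt + password).digest()

def _pbkdf2_sha256(password: bytes, salt: bytes, params: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, int(params))

SCHEMES: Dict[str, Callable[[bytes, bytes, str], bytes]] = {
    "md5": _md5_legacy,
    CURRENT_SCHEME: _pbkdf2_sha256,
}

def hash_password(password: str, scheme: str = CURRENT_SCHEME,
                  salt: Optional[bytes] = None) -> str:
    """Hash under `scheme` (default: the current one) with a fresh random salt."""
    salt = os.urandom(16) if salt is None else salt
    params = str(PBKDF2_ITERATIONS) if scheme == CURRENT_SCHEME else ""
    digest = SCHEMES[scheme](password.encode("utf-8"), salt, params)
    return f"${scheme}${params}${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> Tuple[bool, Optional[str]]:
    """Return (ok, replacement). `replacement` is a re-hash under the current
    scheme when the record used a weaker scheme or fewer iterations, so the
    caller can overwrite the stored value after a successful login."""
    parts = stored.split("$")
    if len(parts) != 5 or parts[1] not in SCHEMES:
        return False, None                    # malformed record or unknown scheme
    _, scheme, params, salt_hex, digest_hex = parts
    actual = SCHEMES[scheme](password.encode("utf-8"), bytes.fromhex(salt_hex), params)
    if not hmac.compare_digest(actual, bytes.fromhex(digest_hex)):
        return False, None
    outdated = scheme != CURRENT_SCHEME or int(params) < PBKDF2_ITERATIONS
    return True, (hash_password(password) if outdated else None)
```

Raising `PBKDF2_ITERATIONS` or adding a new scheme to `SCHEMES` is enough to move the whole user base forward: each record is upgraded the next time its owner logs in successfully.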
CVE References
- CVE-2008-3775
- Product uses “ROT-25” to obfuscate the password in the registry.
- CVE-2007-4150
- product only uses “XOR” to obfuscate sensitive data
- CVE-2007-5460
- product only uses “XOR” and a fixed key to obfuscate sensitive data
- CVE-2005-4860
- Product substitutes characters with other characters in a fixed way, and also leaves certain input characters unchanged.
- CVE-2002-2058
- Attackers can infer private IP addresses by dividing each octet by the MD5 hash of '20'.
- CVE-2008-3188
- Product uses DES when MD5 has been specified in the configuration, resulting in weaker-than-expected password hashes.
- CVE-2005-2946
- Default configuration of product uses MD5 instead of stronger algorithms that are available, simplifying forgery of certificates.
- CVE-2007-6013
- Product uses the hash of a hash for authentication, allowing attackers to gain privileges if they can obtain the original hash.