Use of a weak cryptographic initialization vector
ID |
php.weak_encryption_initialization_vector |
Severity |
critical |
Resource |
Cryptography |
Language |
Php |
Tags |
CWE:1204, NIST.SP.800-53, OWASP:2021:A2, PCI-DSS:6.5.3, crypto |
Description
The improper use of initialization vectors (IVs) in encryption can weaken data security by enabling pattern detection and making the ciphertext vulnerable to attacks. It’s critical to ensure the IV is generated securely and used correctly to maintain encryption strength.
Rationale
Initialization vectors (IVs) are crucial in encryption schemes like CBC or GCM to ensure the same plaintext results in different ciphertexts. A weak or improperly used IV, such as a static or predictable one, can allow attackers to uncover patterns in the data, leading to potential data leaks or unauthorized access.
Consider the following PHP code:
<?php
$cipher = "AES-128-CBC";
$iv = ''; // IV not provided
$encrypted = openssl_encrypt($data, $cipher, $key, 0, $iv); // FLAW
$cipher2 = "AES-128-CBC";
$iv2 = '1234567890123456'; // Static IV
$encrypted = openssl_encrypt($data, $cipher2, $key, 0, $iv2); // FLAW
?>Remediation
To remediate issues with weak or improperly used IVs, ensure they are generated securely and uniquely for each encryption operation.
The remediation example for PHP would look like this:
<?php
$cipher = "AES-128-CBC";
$iv = random_bytes(openssl_cipher_iv_length($cipher));
$encrypted = openssl_encrypt($data, $cipher, $key, 0, $iv);
?>References
-
CWE-1204 : Generation of Weak Initialization Vector (IV).