Hardcoded Cryptographic Key
ID |
python.hardcoded_cryptographic_key |
Severity |
critical |
Resource |
Predictability |
Language |
Python |
Tags |
CWE:321, NIST.SP.800-53, OWASP:2021:A2, PCI-DSS:3.6.3, crypto |
Description
Cryptographic keys that are hardcoded into source code can be easily extracted and exploited by malicious actors. This practice compromises the security of the application, as these keys are not changeable without altering the source code.
Rationale
Hardcoding cryptographic keys in source code is a risky practice as it exposes sensitive information that should remain secret. The concern arises because hardcoded keys are not modifiable without a code change, making them an attractive target for attackers who can access the source code or binaries.
Consider the following Python example:
from simplecrypt import encrypt
ciphertext = encrypt('the_key', 'the secret message') # FLAWThe code above uses a hardcoded key to encrypt data, posing a serious security risk if the code is ever accessed by unauthorized entities.
Remediation
To remediate this vulnerability, cryptographic keys should be managed securely, never hardcoding them in source code. Instead, use environmental variables, configuration files, or dedicated secrets management services that provide secure storage and retrieval of sensitive data.
An alternative is to perform cryptographic operations using an external, managed service. Known as Key Management Services (KMS), they provide different features including key generation and storage, key rotation and lifecycle management, encryption / decryption and other cryptographic operations like digital signatures, key wrapping, secure random number generation, etc.
References
-
CWE-321 : Use of Hard-coded Cryptographic Key.
-
OWASP - Top 10 2021 Category A02 : Cryptographic Failures.
-
Cryptographic Storage Cheat Sheet, in OWASP Cheat Sheet Series.