Use of a weak cryptographic initialization vector
ID |
python.weak_encryption_initialization_vector |
Severity |
critical |
Resource |
Cryptography |
Language |
Python |
Tags |
CWE:1204, NIST.SP.800-53, OWASP:2021:A2, PCI-DSS:6.5.3, crypto |
Description
The improper use of initialization vectors (IVs) in encryption can weaken data security by enabling pattern detection and making the ciphertext vulnerable to attacks. It’s critical to ensure the IV is generated securely and used correctly to maintain encryption strength.
Rationale
Initialization vectors (IVs) are crucial in encryption schemes like CBC or GCM to ensure the same plaintext results in different ciphertexts. A weak or improperly used IV, such as a static or predictable one, can allow attackers to uncover patterns in the data, leading to potential data leaks or unauthorized access.
Consider the following Python code:
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
key = b'mysecretencryptionkey'
iv = b'0000000000000000' # Weak and predictable IV
cipher = Cipher(algorithms.AES(key), modes.CFB(iv)) # FLAW
encryptor = cipher.encryptor()
plaintext = b'secret message'
ciphertext = encryptor.update(plaintext) + encryptor.finalize()Remediation
To remediate issues with weak or improperly used IVs, ensure they are generated securely and uniquely for each encryption operation.
The remediation example for Python would look like this:
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
key = b'mysecretencryptionkey'
iv = os.urandom(16) # Securely generated random IV
cipher = Cipher(algorithms.AES(key), modes.CFB(iv))
encryptor = cipher.encryptor()
plaintext = b'secret message'
ciphertext = encryptor.update(plaintext) + encryptor.finalize()References
-
CWE-1204 : Generation of Weak Initialization Vector (IV).