KT
Cryptographic Failures — OWASP A02:2021
An in-depth analysis of cryptographic failures, their causes, attack scenarios, and prevention strategies.
What is Cryptographic Failure?
Cryptographic Failures, designated as A02:2021 in the OWASP Top 10, occur when sensitive data is improperly encrypted, managed, or implemented. The issue is usually not the algorithm itself but mistakes in its application. Previously, this category was known as "Sensitive Data Exposure."
Common Causes
- Lack of Encryption: Failing to encrypt sensitive data at rest or in transit, e.g., sending passwords or credit cards over HTTP instead of HTTPS.
- Weak/Deprecated Algorithms: Using outdated or custom algorithms, such as MD5 or unsalted SHA-1, for password hashing.
- Improper Key Management: Hard-coding keys in source code or failing to securely generate, store, rotate, and use encryption keys.
- Implementation Errors: Mistakes like using a non-cryptographically secure RNG for session tokens or encryption keys.
- Misconfigurations: Supporting outdated protocols like SSL 3.0 or TLS 1.0, leading to vulnerabilities in transport security.
Impact and Attack Scenarios
- Cleartext Exposure: Data transmitted or stored without encryption, allowing attackers to read it instantly.
- Weak Hashing Attack: Fast, unsalted hashes like MD5 allow attackers to quickly recover passwords using rainbow tables or GPU cracking.
- Data Decryption via Flaw: Encryption exists but automatic decryption allows SQL Injection or other attacks to access cleartext data.
- Downgrade Attack: Forcing connections from HTTPS to HTTP to intercept sensitive information such as session cookies.
Prevention and Mitigation
- Data Classification: Identify all sensitive data and determine protection requirements for storage, transit, and processing.
- Enforce Strong Transport: Use TLS 1.2+ and enforce security headers like HSTS to prevent downgrade attacks.
- Use Strong Algorithms: Adopt well-vetted algorithms such as AES-256 or RSA with secure padding; avoid MD5 and SHA-1.
- Secure Password Storage: Use adaptive, salted hashing functions like Argon2, bcrypt, or scrypt.
- Proper Key Management: Generate keys with CSPRNGs, avoid hard-coded keys, use secure key management services or HSMs, and implement key rotation policies.
- Avoid Unnecessary Storage: Only store sensitive data as long as needed.