Reusing a Nonce, Key Pair in Encryption |
Weakness ID: 323 (Weakness Base) | Status: Incomplete |
Scope | Effect |
---|---|
Authentication | A replay attack, in which an attacker sends the same data twice, could potentially be crafted if nonces are allowed to be reused. This could allow a user to send a message that masquerades as a valid message from a valid user. |
Example 1
Example Language: C
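```c
#include <openssl/sha.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(void) {
    /* Weakness shown here: the nonce is a fixed constant, so every run
     * hashes exactly the same nonce/password input. */
    const char *nonce = "bad";
    const char *password = "secret";
    size_t parsize = strlen(nonce) + strlen(password);
    char *paragraph = malloc(parsize + 1);           /* +1 for the terminator */
    unsigned char *data = malloc(SHA_DIGEST_LENGTH); /* 20-byte SHA-1 digest */
    if (paragraph == NULL || data == NULL) {
        free(paragraph);
        free(data);
        return 1;
    }
    /* Concatenate nonce and password, then hash the result */
    strcpy(paragraph, nonce);
    strcat(paragraph, password);
    SHA1((const unsigned char *)paragraph, parsize, data);
    /* Do something with data */
    free(paragraph);
    free(data);
    return 0;
}
```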
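Example Language: Java
```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
public class BadNonce {
    public static void main(String[] args) throws Exception {
        String command = "some command to execute";
        // Weakness shown here: the nonce is derived from a fixed string, so it never changes
        MessageDigest nonceDigest = MessageDigest.getInstance("SHA");
        nonceDigest.update("bad nonce".getBytes(StandardCharsets.UTF_8));
        byte[] nonce = nonceDigest.digest();
        MessageDigest password = MessageDigest.getInstance("SHA");
        password.update(nonce);
        password.update("secretPassword".getBytes(StandardCharsets.UTF_8));
        byte[] digest = password.digest();
        // do something with digest
    }
}
```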
Requirements specification: The choice could be made to use a language that is not susceptible to these issues. |
Phase: Implementation: Refuse to reuse nonce values. |
Phase: Implementation: Use techniques such as requiring incrementing, time-based and/or challenge-response nonces to assure uniqueness. |
Nonces are often bundled with a key in a communication exchange to produce a new session key for each exchange. |
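The two implementation mitigations above (refuse reuse, require incrementing nonces) can be enforced on the receiving side with a sliding window that remembers which recent counter values were already accepted under a key. This is an added example, not code from the original entry; the names `nonce_window` and `nonce_accept` and the 64-entry window size are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define WINDOW_BITS 64u

/* Receiver-side state for one key: highest nonce accepted so far plus a
 * bitmap of the WINDOW_BITS nonces at and below it (bit 0 = highest). */
typedef struct {
    uint64_t highest;
    uint64_t seen;
    int started;
} nonce_window;

/* Returns 1 and records the nonce if it is fresh; returns 0 if it was
 * already used or is too old to be tracked (treated as reuse). */
int nonce_accept(nonce_window *w, uint64_t nonce) {
    if (!w->started) {
        w->started = 1;
        w->highest = nonce;
        w->seen = 1;
        return 1;
    }
    if (nonce > w->highest) {
        uint64_t shift = nonce - w->highest;
        w->seen = (shift >= WINDOW_BITS) ? 0 : (w->seen << shift);
        w->seen |= 1;
        w->highest = nonce;
        return 1;
    }
    uint64_t offset = w->highest - nonce;
    if (offset >= WINDOW_BITS)
        return 0;                       /* older than the window: refuse */
    if (w->seen & (UINT64_C(1) << offset))
        return 0;                       /* replay: nonce already accepted */
    w->seen |= UINT64_C(1) << offset;
    return 1;
}

int main(void) {
    nonce_window w = {0};
    /* Constructed sequence: 5, 7, 6 (late but fresh), 7 (replay), 5 (replay) */
    uint64_t msgs[] = {5, 7, 6, 7, 5};
    for (size_t i = 0; i < sizeof msgs / sizeof msgs[0]; i++)
        printf("nonce %llu -> %s\n", (unsigned long long)msgs[i],
               nonce_accept(&w, msgs[i]) ? "accepted" : "rejected");
    return 0;
}
```

The window state must be kept per key and reset only when the key changes; otherwise a nonce accepted under the old state could be accepted again.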
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
ChildOf | | 320 | Key Management Errors | Development Concepts (primary) 699 |
ChildOf | | 344 | Use of Invariant Value in Dynamically Changing Context | Research Concepts (primary) 1000 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
CLASP | | | Reusing a nonce, key pair in encryption |
Submissions | ||||
---|---|---|---|---|
Submission Date | Submitter | Organization | Source | |
CLASP | Externally Mined | |||
Modifications | ||||
Modification Date | Modifier | Organization | Source | |
2008-07-01 | Eric Dalci | Cigital | External | |
updated Time of Introduction | ||||
2008-09-08 | CWE Content Team | MITRE | Internal | |
updated Background Details, Common Consequences, Relationships, Taxonomy Mappings |