CWE-323: Reusing a Nonce, Key Pair in Encryption

Description

Nonces should be used for the present occasion and only once.

Extended Description

N/A


ThreatScore

Threat Mapped score: 0.0

Industry: Financial

Threat priority: Unclassified


Observed Examples (CVEs)

Related Attack Patterns (CAPEC)

N/A


Attack TTPs

N/A

Modes of Introduction

Phase: Architecture and Design
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Common Consequences

Potential Mitigations

Applicable Platforms


Demonstrative Examples

Intro: This code takes a password, concatenates it with a nonce, then encrypts it before sending over a network:

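    #include <stdlib.h>
    #include <string.h>
    #include <openssl/sha.h>

    void encryptAndSendPassword(char *password){
        char *nonce = "bad";  /* fixed nonce, identical on every call */
        ...
        unsigned char *data = (unsigned char*)malloc(20);  /* SHA-1 digest is 20 bytes */
        int para_size = strlen(nonce) + strlen(password);
        char *paragraph = (char*)malloc(para_size + 1);  /* +1 for the terminating NUL */
        strcpy(paragraph, nonce);  /* paragraph = nonce followed by password */
        strcat(paragraph, password);
        SHA1((const unsigned char*)paragraph, para_size, data);
        sendEncryptedData(data);
    }

Body: Because the nonce used is always the same, an attacker can impersonate a trusted party by intercepting and resending the encrypted password. This attack avoids the need to learn the unencrypted password.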

Intro: This code sends a command to a remote server, using an encrypted password and nonce to prove the command is from a trusted party:

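    import java.nio.charset.StandardCharsets;
    import java.security.MessageDigest;

    String command = new String("some command to execute");
    // The nonce is the hash of a constant string, so it is identical for every command.
    MessageDigest nonceDigest = MessageDigest.getInstance("SHA");
    nonceDigest.update("bad nonce".getBytes(StandardCharsets.UTF_8));
    byte[] nonce = nonceDigest.digest();
    // digest = SHA(nonce followed by password)
    MessageDigest password = MessageDigest.getInstance("SHA");
    password.update(nonce);
    password.update("secretPassword".getBytes(StandardCharsets.UTF_8));
    byte[] digest = password.digest();
    sendCommand(digest, command);

Body: Once again the nonce used is always the same. An attacker may be able to replay previous legitimate commands or execute new arbitrary commands.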
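
Added example (not part of the original CWE entry): a Python sketch contrasting the fixed-nonce token from the demonstrative examples above with a server-issued, single-use random nonce, showing that a captured message stays valid in the first scheme and is rejected in the second. The class and function names, the sample shared secret, and the use of HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SECRET = b"constructed-shared-secret"  # sample value constructed for this example

def weak_token(password: bytes) -> bytes:
    """The page's pattern: hash of a constant nonce followed by the password."""
    return hashlib.sha1(b"bad" + password).digest()

class WeakServer:
    def accept(self, token: bytes) -> bool:
        # Nothing ties the token to one session, so a recorded copy stays valid.
        return hmac.compare_digest(token, weak_token(SECRET))

class ChallengeServer:
    """Issues a fresh random nonce per attempt and accepts each nonce once."""
    def __init__(self) -> None:
        self._outstanding = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)  # unpredictable, from the OS CSPRNG
        self._outstanding.add(nonce)
        return nonce

    def accept(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self._outstanding:
            return False  # unknown or already-used nonce
        self._outstanding.discard(nonce)  # consume before verifying: single use
        expected = hmac.new(SECRET, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

def client_response(nonce: bytes) -> bytes:
    return hmac.new(SECRET, nonce, hashlib.sha256).digest()

def demo() -> dict:
    weak, strong = WeakServer(), ChallengeServer()
    captured_weak = weak_token(SECRET)  # what a passive observer records
    n1 = strong.challenge()
    captured = (n1, client_response(n1))
    return {
        "weak_first": weak.accept(captured_weak),
        "weak_replay": weak.accept(captured_weak),
        "fresh_first": strong.accept(*captured),
        "fresh_replay": strong.accept(*captured),
        "old_response_new_nonce": strong.accept(strong.challenge(), captured[1]),
    }
```

In a real deployment the outstanding-nonce set also needs an expiry so unanswered challenges do not accumulate.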

Notes
