CWE-329: Generation of Predictable IV with CBC Mode
Description
The product generates and uses a predictable Initialization Vector (IV) with Cipher Block Chaining (CBC) mode, which makes the resulting ciphertexts susceptible to dictionary attacks when they are encrypted under the same key.
Common consequences
- Confidentiality: Read Application Data. If the IV is not properly initialized, data that is encrypted can be compromised and leak information.
Potential mitigations
- Implementation: NIST recommends two methods of generating unpredictable IVs for CBC mode [REF-1172]. The first is to generate the IV randomly. The second method is to encrypt a nonce with the same key and cipher to be used to encrypt the plaintext. In this case the nonce must be unique but can be predictable, since the block cipher will act as a pseudo random permutation.
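The following Go program is an added illustration, not part of the CWE entry or of any referenced NIST text: it shows the leak a fixed IV causes (two CBC ciphertexts of the same plaintext share their first block) and contrasts it with both NIST mitigations above. It assumes AES-128 from Go's standard library, a constructed sample key and message, and a per-message counter as the unique nonce for the second method.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// key is a constructed sample key; block is the AES-128 cipher all three IV strategies share.
var key = bytes.Repeat([]byte{0x11}, 16)
var block, _ = aes.NewCipher(key) // a 16-byte key cannot fail; other lengths would need the error

// encryptCBC runs raw CBC over block-aligned plaintext; no padding, so only the IV's effect shows.
func encryptCBC(iv, plaintext []byte) []byte {
	out := make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, plaintext)
	return out
}
// randomIV is NIST method 1: a fresh random IV for every message.
func randomIV() []byte {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		panic(err)
	}
	return iv
}
// ivFromNonce is NIST method 2: encrypt a unique but predictable nonce (a message counter,
// assumed here) under the same key; the cipher acts as a PRP, so the IV is unpredictable.
func ivFromNonce(counter uint64) []byte {
	nonce := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(nonce[8:], counter)
	iv := make([]byte, aes.BlockSize)
	block.Encrypt(iv, nonce)
	return iv
}
// firstBlocksEqual shows the leak: under a predictable IV, equal first plaintext blocks give
// equal first ciphertext blocks, so an observer learns message equality without the key.
func firstBlocksEqual(a, b []byte) bool {
	return bytes.Equal(a[:aes.BlockSize], b[:aes.BlockSize])
}

func main() {
	msg := []byte("balance=0001000;")    // constructed 16-byte message
	zeroIV := make([]byte, aes.BlockSize) // predictable: the same all-zero IV for every message
	fmt.Println("zero IV leaks equality:", firstBlocksEqual(encryptCBC(zeroIV, msg), encryptCBC(zeroIV, msg)))
	fmt.Println("random IV hides it:", firstBlocksEqual(encryptCBC(randomIV(), msg), encryptCBC(randomIV(), msg)))
	fmt.Println("nonce IV hides it:", firstBlocksEqual(encryptCBC(ivFromNonce(1), msg), encryptCBC(ivFromNonce(2), msg)))
}
```

The counter in ivFromNonce must never repeat under the same key, which in practice means persisting it across restarts or deriving it from a non-repeating message identifier.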