Reino: Security Features
La seguridad de un software no es un software de seguridad. Nos preocupamos de cuestiones como la autenticación, el control de acceso, la confidencialidad, la criptografía y la gestión de privilegios.
Weak Cryptographic Hash: Insecure PBE Iteration Count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el número de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas arcoíris" para la aplicación y revertir más fácilmente los valores de contraseña con hash.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseñas se exponen a ataques por diccionario triviales, exactamente el tipo de ataques contra los que se diseñaron los esquemas de cifrado basado en contraseñas.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
...
Rfc2898DeriveBytes rdb8 = new Rfc2898DeriveBytes(password, salt,50);
...
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseñas se exponen a ataques por diccionario triviales, exactamente el tipo de ataques contra los que se diseñaron los esquemas de cifrado basado en contraseñas.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.semantic.dotnet.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el recuento de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas de arcoíris" para la aplicación y determinar más fácilmente los valores de contraseña con hash.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
...
#define ITERATION 50
...
PKCS5_PBKDF2_HMAC(pass, sizeof(pass), salt, sizeof(salt), ITERATION, EVP_sha512(), outputBytes, digest);
...
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem Sonmez Turan, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.semantic.cpp.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el recuento de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas de arcoíris" para la aplicación y determinar más fácilmente los valores de contraseña con hash.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
...
final int iterationCount=50;
PBEParameterSpec pbeps=new PBEParameterSpec(salt,iterationCount);
...
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[5] Manuel Egele, David Brumley, Yanick Fratantonio, Christopher Kruegel An Empirical Study of Cryptographic Misuse in Android Applications
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.semantic.java.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El número de iteraciones utilizado por una función de derivación de claves basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el recuento de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas de arcoíris" para la aplicación y determinar más fácilmente los valores de contraseña con hash.
Ejemplo 1: El siguiente código utiliza un recuento de iteraciones de 50:
Las aplicaciones que utilizan un número bajo de iteraciones para el cifrado basado en contraseñas están expuestas a ataques triviales basados en diccionarios, exactamente el tipo de ataque contra el cual se diseñaron los esquemas de cifrado basados en contraseñas.
Ejemplo 1: El siguiente código utiliza un recuento de iteraciones de 50:
...
const iterations = 50;
crypto.pbkdf2(
password,
salt,
iterations,
keyLength,
"sha256",
function (err, derivedKey) { ... }
);
Las aplicaciones que utilizan un número bajo de iteraciones para el cifrado basado en contraseñas están expuestas a ataques triviales basados en diccionarios, exactamente el tipo de ataque contra el cual se diseñaron los esquemas de cifrado basados en contraseñas.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.structural.javascript.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el recuento de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas de arcoíris" para la aplicación y determinar más fácilmente los valores de contraseña con hash.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
...
#define ITERATION 50
...
CCKeyDerivationPBKDF(kCCPBKDF2,
password,
passwordLen,
salt,
saltLen
kCCPRFHmacAlgSHA256,
ITERATION,
derivedKey,
derivedKeyLen);
...
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.semantic.objc.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el número de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas arcoíris" para la aplicación y revertir más fácilmente los valores de contraseña con hash.
Ejemplo 1: El código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseñas se exponen a ataques por diccionario triviales, exactamente el tipo de ataques contra los que se diseñaron los esquemas de cifrado basado en contraseñas.
Ejemplo 1: El código siguiente utiliza un recuento de iteraciones de 50:
...
$hash = hash_pbkdf2('sha256', $password, $salt, 50);
...
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseñas se exponen a ataques por diccionario triviales, exactamente el tipo de ataques contra los que se diseñaron los esquemas de cifrado basado en contraseñas.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.semantic.php.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el número de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas arcoíris" para la aplicación y revertir más fácilmente los valores de contraseña con hash.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que utilizan un número bajo de iteraciones para el cifrado basado en contraseñas están expuestas a ataques triviales basados en diccionarios, que es exactamente el tipo de ataque contra el que se diseñaron los esquemas de cifrado basados en contraseñas.
Ejemplo 2: El siguiente código establece el parámetro de costo en 11:
Al utilizar la API
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
...
from hashlib import pbkdf2_hmac
dk = pbkdf2_hmac('sha256', password, salt, 50)
...
Las aplicaciones que utilizan un número bajo de iteraciones para el cifrado basado en contraseñas están expuestas a ataques triviales basados en diccionarios, que es exactamente el tipo de ataque contra el que se diseñaron los esquemas de cifrado basados en contraseñas.
Ejemplo 2: El siguiente código establece el parámetro de costo en 11:
bcrypt_hash = bcrypt(b64pwd, 11)
Al utilizar la API
bcrypt en Pycryptodome, es crucial tener en cuenta que el parámetro de costo juega un papel importante en la determinación de la complejidad computacional del proceso de hash subyacente. Se recomienda encarecidamente establecer el parámetro de costo en un valor de al menos 12 para garantizar un nivel de seguridad suficiente. Este valor influye directamente en el tiempo necesario para calcular el hash, lo que hace que sea más costoso computacionalmente para los atacantes potenciales llevar a cabo ataques de fuerza bruta o de diccionario.References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.semantic.python.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el recuento de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas de arcoíris" para la aplicación y determinar más fácilmente los valores de contraseña con hash.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseñas se exponen a ataques por diccionario triviales, exactamente el tipo de ataques contra los que se diseñaron los esquemas de cifrado basado en contraseñas.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
require 'openssl'
...
key = OpenSSL::PKCS5::pbkdf2_hmac(pass, salt, 50, 256, 'SHA256')
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseñas se exponen a ataques por diccionario triviales, exactamente el tipo de ataques contra los que se diseñaron los esquemas de cifrado basado en contraseñas.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem Sonmez Turan, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.structural.ruby.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El recuento de iteraciones que usa una función de derivación de clave basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el recuento de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas de arcoíris" para la aplicación y determinar más fácilmente los valores de contraseña con hash.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
Ejemplo 1: el código siguiente utiliza un recuento de iteraciones de 50:
...
let ITERATION = UInt32(50)
...
CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2),
password,
passwordLength,
saltBytes,
saltLength,
CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256),
ITERATION,
derivedKey,
derivedKeyLength)
...
Las aplicaciones que usan un recuento de iteraciones bajo para el cifrado basado en contraseña son vulnerables a los ataques por diccionario, que son precisamente los ataques ante los cuales deberían proteger los esquemas de cifrado basados en contraseña.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.structural.swift.weak_cryptographic_hash_insecure_pbe_iteration_count
Abstract
El número de iteraciones utilizado por una función de derivación de claves basada en contraseña es demasiado bajo.
Explanation
Una función de derivación de claves se utiliza para derivar una clave a partir de una clave base y otros parámetros. En una función de derivación de claves basada en contraseña, la clave base es una contraseña y los otros parámetros son un valor de sal y un número de iteraciones. El número de iteraciones ha servido tradicionalmente para aumentar el coste de generar claves a partir de una contraseña. Si el número de iteraciones es demasiado bajo, la viabilidad de un ataque aumenta a medida que un atacante puede calcular "tablas arcoíris" para la aplicación y revertir más fácilmente los valores de contraseña con hash.
Ejemplo 1: El siguiente XML configura un número de iteraciones de 50:
Las aplicaciones que utilizan un número bajo de iteraciones para el cifrado basado en contraseñas están expuestas a ataques triviales basados en diccionarios, exactamente el tipo de ataque contra el cual se diseñaron los esquemas de cifrado basados en contraseñas.
Ejemplo 1: El siguiente XML configura un número de iteraciones de 50:
...
<param name="keyObtentionIterations" value="50"/>
...
Las aplicaciones que utilizan un número bajo de iteraciones para el cifrado basado en contraseñas están expuestas a ataques triviales basados en diccionarios, exactamente el tipo de ataque contra el cual se diseñaron los esquemas de cifrado basados en contraseñas.
References
[1] B. Kaliski PKCS #5: Password-Based Cryptography Specification Version 2.0. Network Working Group
[2] Martin Abadi and Bogdan Warinschi Password-Based Encryption Analyzed.
[3] Mihir Bellare, Thomas Ristenpart, and Stefano Tessaro Multi-Instance Security and its Application to Password-Based Cryptography.
[4] M. Egele, D. Brumley, Y. Fratantonio, and C. Kruegel An Empirical Study of Cryptographic Misuse in Android Applications.
[5] Meltem SonmezTuran, Elaine Barker, William Burr, and Lily Chen NIST Special Publication 800-132: Recommendation for Password-Based Key Derivation. NIST
[6] Standards Mapping - Common Weakness Enumeration CWE ID 916
[7] Standards Mapping - DISA Control Correlation Identifier Version 2 CCI-001188, CCI-002450
[8] Standards Mapping - FIPS200 MP
[9] Standards Mapping - General Data Protection Regulation (GDPR) Insufficient Data Protection
[10] Standards Mapping - NIST Special Publication 800-53 Revision 4 AU-10 Non-Repudiation (P2), SC-13 Cryptographic Protection (P1), SC-23 Session Authenticity (P1)
[11] Standards Mapping - NIST Special Publication 800-53 Revision 5 AU-10 Non-Repudiation, SC-13 Cryptographic Protection, SC-23 Session Authenticity
[12] Standards Mapping - OWASP Application Security Verification Standard 4.0 2.4.1 Credential Storage Requirements (L2 L3), 2.4.2 Credential Storage Requirements (L2 L3), 2.4.3 Credential Storage Requirements (L2 L3), 2.4.4 Credential Storage Requirements (L2 L3), 2.4.5 Credential Storage Requirements (L2 L3), 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)
[13] Standards Mapping - OWASP Mobile 2014 M6 Broken Cryptography
[14] Standards Mapping - OWASP Mobile 2024 M10 Insufficient Cryptography
[15] Standards Mapping - OWASP Mobile Application Security Verification Standard 2.0 MASVS-CRYPTO-1
[16] Standards Mapping - OWASP Top 10 2004 A8 Insecure Storage
[17] Standards Mapping - OWASP Top 10 2007 A8 Insecure Cryptographic Storage
[18] Standards Mapping - OWASP Top 10 2010 A7 Insecure Cryptographic Storage
[19] Standards Mapping - OWASP Top 10 2013 A6 Sensitive Data Exposure
[20] Standards Mapping - OWASP Top 10 2017 A3 Sensitive Data Exposure
[21] Standards Mapping - OWASP Top 10 2021 A02 Cryptographic Failures
[22] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 Requirement 6.5.8
[23] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 Requirement 6.3.1.3, Requirement 6.5.8
[24] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 Requirement 6.5.3
[25] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0 Requirement 6.5.3
[26] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1 Requirement 6.5.3
[27] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2 Requirement 6.5.3
[28] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1 Requirement 6.5.3
[29] Standards Mapping - Payment Card Industry Data Security Standard Version 4.0 Requirement 6.2.4
[30] Standards Mapping - Payment Card Industry Software Security Framework 1.0 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography
[31] Standards Mapping - Payment Card Industry Software Security Framework 1.1 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[32] Standards Mapping - Payment Card Industry Software Security Framework 1.2 Control Objective 7.1 - Use of Cryptography, Control Objective 7.4 - Use of Cryptography, Control Objective B.2.3 - Terminal Software Design
[33] Standards Mapping - SANS Top 25 2011 Porous Defenses - CWE ID 759
[34] Standards Mapping - Security Technical Implementation Guide Version 3.1 APP3150.1 CAT II
[35] Standards Mapping - Security Technical Implementation Guide Version 3.4 APP3150.1 CAT II
[36] Standards Mapping - Security Technical Implementation Guide Version 3.5 APP3150.1 CAT II
[37] Standards Mapping - Security Technical Implementation Guide Version 3.6 APP3150.1 CAT II
[38] Standards Mapping - Security Technical Implementation Guide Version 3.7 APP3150.1 CAT II
[39] Standards Mapping - Security Technical Implementation Guide Version 3.9 APP3150.1 CAT II
[40] Standards Mapping - Security Technical Implementation Guide Version 3.10 APP3150.1 CAT II
[41] Standards Mapping - Security Technical Implementation Guide Version 4.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[42] Standards Mapping - Security Technical Implementation Guide Version 4.3 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[43] Standards Mapping - Security Technical Implementation Guide Version 4.4 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[44] Standards Mapping - Security Technical Implementation Guide Version 4.5 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[45] Standards Mapping - Security Technical Implementation Guide Version 4.6 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[46] Standards Mapping - Security Technical Implementation Guide Version 4.7 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[47] Standards Mapping - Security Technical Implementation Guide Version 4.8 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[48] Standards Mapping - Security Technical Implementation Guide Version 4.9 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[49] Standards Mapping - Security Technical Implementation Guide Version 4.10 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[50] Standards Mapping - Security Technical Implementation Guide Version 4.11 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[51] Standards Mapping - Security Technical Implementation Guide Version 4.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[52] Standards Mapping - Security Technical Implementation Guide Version 5.1 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[53] Standards Mapping - Security Technical Implementation Guide Version 5.2 APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II
[54] Standards Mapping - Security Technical Implementation Guide Version 5.3 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
[55] Standards Mapping - Security Technical Implementation Guide Version 6.1 APSC-DV-000590 CAT II, APSC-DV-002010 CAT II, APSC-DV-002020 CAT II, APSC-DV-002030 CAT II, APSC-DV-002290 CAT II
desc.config.xml.weak_cryptographic_hash_insecure_pbe_iteration_count