Kingdom: Security Features

Software security is not security software. This section covers topics such as authentication, access control, confidentiality, cryptography, and privilege management.

Key Management: Null PBE Password

Abstract
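Generating and using a cryptographic key based on a null password can compromise system security in a way that is not easy to remedy.
Explanation
Passing a null value as the password argument to a password-based key derivation function is a bad idea. In this scenario, the derived key is based solely on the supplied salt (which makes the key significantly weaker), and the problem is very difficult to fix. Once the offending code is in production, the null password usually cannot be changed without patching the software. If an account protected by a key derived from a null password is compromised, the owners of the system are forced to choose between security and availability.

Example 1: The following code passes a null value as the password argument to a password-based key derivation function.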


...
var encryptor = new StrongPasswordEncryptor();
var encryptedPassword = encryptor.encryptPassword(null);
...


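Anyone with access to the code can determine that it generates one or more cryptographic keys based on a null password argument, and anyone with even rudimentary cracking techniques is much more likely to gain access to any resource protected by the offending keys. If an attacker also has access to the salt value used to generate keys based on a null password, cracking those keys becomes easy. After the program has shipped, the null password most likely cannot be changed unless the program is patched. An employee with access to this information could use it to break into the system. An attacker who has access only to the application's executable can still extract evidence that a null password is in use.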
desc.semantic.java.key_management_null_pbe_password
Abstract
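Generating and using a cryptographic key based on a null password can compromise system security in a way that is not easy to remedy.
Explanation
Passing a null value as the password argument to a password-based key derivation function is a bad idea. In this scenario, the derived key is based solely on the supplied salt (which makes the key significantly weaker), and the problem is very difficult to fix. Once the offending code is in production, the null password usually cannot be changed without patching the software. If an account protected by a key derived from a null password is compromised, the owners of the system are forced to choose between security and availability.

Example 1: The following code passes a null value as the password argument to a password-based key derivation function.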


...
CCKeyDerivationPBKDF(kCCPBKDF2,
                     nil,      // password: null
                     0,        // passwordLen
                     salt,
                     saltLen,
                     kCCPRFHmacAlgSHA256,
                     100000,
                     derivedKey,
                     derivedKeyLen);
...


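Anyone with access to the code can determine that it generates one or more cryptographic keys based on a null password argument, and anyone with even rudimentary cracking techniques is much more likely to gain access to any resource protected by the offending keys. If an attacker also has access to the salt value used to generate keys based on a null password, cracking those keys becomes easy. After the program has shipped, the null password most likely cannot be changed unless the program is patched. An employee with access to this information could use it to break into the system. An attacker who has access only to the application's executable can still extract evidence that a null password is in use.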
desc.structural.objc.key_management_null_pbe_password
Abstract
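Generating and using a cryptographic key based on a null password can compromise system security in a way that is not easy to remedy.
Explanation
Passing a null value as the password argument to a password-based key derivation function is a bad idea. In this scenario, the derived key is based solely on the supplied salt (which makes the key significantly weaker), and the problem is very difficult to fix. Once the offending code is in production, the null password usually cannot be changed without patching the software. If an account protected by a key derived from a null password is compromised, the owners of the system are forced to choose between security and availability.

Example 1: The following code passes a null value as the password argument to a password-based key derivation function.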


...
CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2),
nil,
0,
salt,
saltLen,
CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA256),
100000,
derivedKey,
derivedKeyLen)
...


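Anyone with access to the code can determine that it generates one or more cryptographic keys based on a null password argument, and anyone with even rudimentary cracking techniques is much more likely to gain access to any resource protected by the offending keys. If an attacker also has access to the salt value used to generate keys based on a null password, cracking those keys becomes easy. After the program has shipped, the null password most likely cannot be changed unless the program is patched. An employee with access to this information could use it to break into the system. An attacker who has access only to the application's executable can still extract evidence that a null password is in use.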
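
The point made in the Explanation sections above, that a key derived from a null password depends on the salt alone, can be checked directly. The following Python sketch is an added example, not code from this page or from any library it describes; it uses PBKDF2-HMAC-SHA256 with 100000 iterations as in the CCKeyDerivationPBKDF calls, models the null password as a zero-length password, and all function names and the 32-byte key length are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # iteration count used in the CCKeyDerivationPBKDF calls above
KEY_LEN = 32          # assumption: 256-bit derived key


def pbkdf2_sha256(password: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, KEY_LEN)


def derive_key_null_password(salt: bytes) -> bytes:
    """Flagged pattern: nil password with length 0, modelled as an empty password."""
    return pbkdf2_sha256(b"", salt)


def derive_key(password, salt: bytes) -> bytes:
    """Guarded derivation: fail closed instead of deriving a key from the salt alone."""
    if password is None or len(password) == 0:
        raise ValueError("refusing to derive a key from a null or empty password")
    if len(salt) < 16:
        raise ValueError("salt must be at least 16 bytes")
    if isinstance(password, str):
        password = password.encode("utf-8")
    return pbkdf2_sha256(password, salt)


def salt_holder_recovers_key(app_key: bytes, stored_salt: bytes) -> bool:
    """True if someone who knows only the stored salt can reproduce app_key."""
    return hmac.compare_digest(pbkdf2_sha256(b"", stored_salt), app_key)


if __name__ == "__main__":
    salt = os.urandom(16)  # constructed sample salt
    weak = derive_key_null_password(salt)
    strong = derive_key("correct horse battery staple", salt)  # constructed sample password
    print("null-password key recoverable from salt:", salt_holder_recovers_key(weak, salt))
    print("real-password key recoverable from salt:", salt_holder_recovers_key(strong, salt))
    try:
        derive_key(None, salt)
    except ValueError as exc:
        print("guard:", exc)
```

The guard belongs at the single place where the application calls its key derivation function, so that a missing password surfaces as an error at that call rather than as a key that any holder of the salt can recompute.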
desc.structural.swift.key_management_null_pbe_password