Using insecure cryptography is a common and severe vulnerability. It is listed in second place, under Cryptographic failures, in the 2021 OWASP Top 10 Vulnerabilities list. Cryptographic vulnerabilities may arise for several reasons, including insecure encryption algorithms and insecure hashing algorithms.
Here’s what you need to know about such vulnerabilities, what makes them dangerous, and how to disable insecure algorithms.
SSL Insecure Algorithm Security Assessment
CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
What are Insecure Cryptographic Algorithms?
Insecure cryptographic algorithms are a vulnerability that impacts how sensitive data is stored and transmitted online. Rather than a single type of vulnerability, it applies to the insecure use of cryptography due to:
- Reliance on poor key storage and management processes
- Using custom encryption protocols that have not been tested extensively
- Using insecure, deprecated, or disallowed cryptographic algorithms
Cryptographic vulnerabilities frequently arise when using the Transport Layer Security (TLS) or the now-deprecated Secure Sockets Layer (SSL) protocols. TLS/SSL use different cipher suites that usually include key exchange, authentication, encryption, and message authentication code (MAC) algorithms to secure the data they transmit. Depending on the algorithms being used, a vulnerability may be present in transferring data, allowing attackers to mount an attack.
A successful attack on a weak cipher can lead to sensitive data, such as authentication, payment, or medical details, as well as code or intellectual property, being exposed and stolen. It could also allow attackers to manipulate or destroy data or take over a whole system and compromise it. Finally, such an attack, as in the example below, can also cause reputational and material damage.
The extent of the damage is determined by the type and the value of the data that is compromised. For example, in 2011, the PlayStation Network was breached, leading to the details of 77 million accounts being leaked, including the credit card information of about 12 million users. As a result, Sony had to pay $15 million in a settlement.
Attacks such as DROWN, POODLE, BEAST, other kinds of downgrade attacks, and renegotiation attacks all make use of vulnerabilities in algorithms.
Types of Insecure Cryptographic Algorithms
Insecure cryptography can apply to one of the algorithms used in a cipher suite or to a combination of algorithms. Frequently, it applies to the ciphers being used for encryption and decryption or the algorithms being used as hash functions, though vulnerabilities in authentication and key exchange algorithms can also be found.
Sometimes vulnerabilities are present only in specific cipher versions and are fixed in later versions, or they are possible in SSL but not in TLS.
Encryption algorithms are a way to secure communication and ensure that it doesn’t end up in the wrong hands or that, even if it does, it cannot be deciphered. Hash algorithms are a type of one-way cryptography with several purposes, one of which is verifying the integrity of messages or files, i.e., guaranteeing that a file has not been tampered with in transmission. They can also be used for password verification, signature generation, and more.
Vulnerabilities can arise in both kinds of algorithm, and several algorithms are known to have issues.
According to the U.S. National Institute of Standards and Technology (NIST), weak algorithms typically fall under two categories: deprecated and disallowed. Deprecated ciphers have known vulnerabilities and can be used only by accepting some risk, whereas disallowed ciphers are unsafe to use.
The following ciphers and cipher modes of operation are generally considered unsafe for use and should be avoided:
- Data Encryption Standard (DES) and Triple Data Encryption Algorithm (TDEA or Triple DEA)
- Cipher Block Chaining (CBC)
- Electronic Codebook (ECB)
In addition to the above, the following hash functions have also been found to contain significant vulnerabilities and should not be used:
- RIPEMD & RIPEMD-128
These are some of the best-known problematic ciphers and hash functions, though the list is not exhaustive. It is always recommended to check which ciphers you are using and whether they are up to date with the latest security recommendations!
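To check which ciphers you are using, the cipher-suite names a scanner or server config reports can be split into the four roles described earlier (key exchange, authentication, encryption, MAC) and matched against the ciphers and modes listed above. The following is an added example, not code from the original page; the function names and the sample list are assumptions made for illustration, and the suite names follow the IANA naming scheme.

```python
# Constructed sample input: IANA-style suite names as a scanner might report them.
SAMPLE_SUITES = [
    "TLS_AES_128_GCM_SHA256",                        # TLS 1.3 style name
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_DES_CBC_SHA",
]

# Only the ciphers and modes this page lists as unsafe.
UNSAFE = {
    "DES": "DES cipher",
    "3DES": "Triple DES (TDEA) cipher",
    "CBC": "CBC mode of operation",
    "ECB": "ECB mode of operation",
}

def parse_suite(name: str) -> dict:
    """Split an IANA cipher-suite name into its component algorithms."""
    body = name[4:] if name.startswith("TLS_") else name
    if "_WITH_" in body:
        left, right = body.split("_WITH_", 1)
        kx, _, auth = left.partition("_")
        auth = auth or kx  # TLS_RSA_WITH_...: RSA does key exchange and authentication
    else:
        # TLS 1.3 names carry only cipher and hash; the rest is negotiated separately.
        kx = auth = "negotiated separately (TLS 1.3)"
        right = body
    cipher, _, mac = right.rpartition("_")
    return {"key_exchange": kx, "authentication": auth,
            "encryption": cipher, "mac_or_prf_hash": mac}

def unsafe_findings(name: str) -> list:
    """Return the page-listed weaknesses found in the suite's encryption part."""
    tokens = parse_suite(name)["encryption"].split("_")
    return [UNSAFE[t] for t in tokens if t in UNSAFE]

def audit(names) -> dict:
    """Map each flagged suite name to its list of findings."""
    report = {n: unsafe_findings(n) for n in names}
    return {n: found for n, found in report.items() if found}

if __name__ == "__main__":
    for suite, problems in audit(SAMPLE_SUITES).items():
        print(f"{suite}: {', '.join(problems)}")
```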
How Does A Cryptographic Algorithm Attack Occur?
Cryptanalysis is the process of analyzing a system to spot a cryptographic weakness and exploit it. Typically, cryptographic attacks occur based on a vulnerability inherent in the code, cipher, cryptographic protocol, or key management scheme used by the system.
For example, downgrade attacks rely on an insecure configuration present in some versions of SSL or TLS protocols. Once the attacker successfully downgrades the connection to a vulnerable protocol version, they can eavesdrop on the communication between client and server. Due to vulnerabilities in ciphers such as those using the CBC mode of encryption, they can then recover the key used for encryption, decrypt the ciphertext they have recorded, and turn it into plaintext.
Some of the main types of cryptographic attacks include:
- Brute force attack
- Ciphertext-only attack
- Known-plaintext attack
- Chosen plaintext attack
- Chosen ciphertext attack
- Differential and linear cryptanalysis
- Side-channel attack
- Replay attack
Insecure cryptographic algorithms can create serious vulnerabilities, leading to significant damage. This is why it is good to make sure you are using secure algorithms and have disabled any insecure algorithms. Here’s what you can do.
How to Disable Insecure Algorithms and Prevent Cryptographic Attacks
Preventing cryptographic attacks is a fairly straightforward process. Generally, the rule is to use stronger algorithms – message digest (hash) functions and ciphers – and strong key sizes. Your security team must be up to date with the latest cryptographic industry standards and guidelines like the ones provided by NIST.
Setting up a robust TLS configuration is another important element of your prevention. Alongside this measure, you could also consider implementing perfect forward secrecy and enabling TLS_FALLBACK_SCSV and HTTP Strict Transport Security (HSTS).
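One way to apply these settings and then verify them, shown with Python's standard `ssl` module. This is an added example, not configuration from the original page; the cipher string, the HSTS `max-age` value and the function names are choices made for illustration.

```python
import ssl

# Example HSTS response header for the web application to send (value is an assumption).
HSTS_HEADER = ("Strict-Transport-Security", "max-age=31536000; includeSubDomains")

# Key exchanges that give forward secrecy; "kx-any" is how OpenSSL labels
# TLS 1.3 suites, whose key exchange is negotiated separately.
FORWARD_SECRET_KX = {"kx-ecdhe", "kx-dhe", "kx-any"}

def hardened_server_context() -> ssl.SSLContext:
    """Server-side context with old protocol versions and weak suites disabled."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # Refuse SSLv3, TLS 1.0 and TLS 1.1, the usual targets of a downgrade.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # TLS 1.2 suites: ephemeral ECDH only, with AES-GCM (counter mode plus
    # authentication) or ChaCha20-Poly1305. No CBC, no DES/3DES, no anonymous suites.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL")
    return ctx

def audit_context(ctx) -> list:
    """List every enabled suite that breaks the rules above; empty means clean."""
    problems = []
    for suite in ctx.get_ciphers():
        name = suite.get("name", "?")
        sym = (suite.get("symmetric") or "").lower()
        kea = suite.get("kea") or ""
        if "des" in sym or sym.endswith(("-cbc", "-ecb")):
            problems.append(f"{name}: cipher or mode listed as unsafe ({sym})")
        if kea not in FORWARD_SECRET_KX:
            problems.append(f"{name}: key exchange {kea!r} gives no forward secrecy")
    return problems

if __name__ == "__main__":
    context = hardened_server_context()
    for suite in context.get_ciphers():
        print(suite["protocol"], suite["name"])
    print("problems:", audit_context(context) or "none")
```

The server certificate and key still have to be loaded with `load_cert_chain()` before the context can accept connections.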
The following algorithms are currently considered safe to use and aligned with security recommendations:
|Purpose|Algorithms|
|---|---|
|Key management|RSA, Diffie-Hellman (DH), ECDH, SRP, PSK|
|Authentication|RSA (2048 bits or above), DSA, ECDSA|
|Bulk ciphers|RSA, AES (128 bits or above in OFB or CTR mode),|
|Message authentication (secure hash algorithms)|HMAC-SHA256, HMAC-SHA1, HMAC-SHA2, HMAC-MD5, RIPEMD-160/256/320, BLAKE2, BLAKE3|
What is an insecure cipher?
An insecure cipher or cryptographic algorithm has a vulnerability that can be exploited by a malicious party to reveal the encrypted data. This allows an attacker to reveal the encrypted plaintext, which may contain sensitive information, or to reveal the session key and hijack a user’s session.
What is a cryptographic attack?
A cryptographic attack is an attempt to reveal the contents of an encrypted message by gaining access to the decryption key or by finding a way to decrypt the message without knowledge of the key.