Statements (27)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:affectedResource |
Cryptographic Protocols
|
| gptkbp:category |
Cryptographic Issues
|
| gptkbp:consequence |
Information Disclosure
Loss of Confidentiality Loss of Integrity |
| gptkbp:describes |
The software uses the same nonce value, key pair, or initialization vector (IV) more than once in a cryptographic algorithm, which can significantly weaken the security of the algorithm.
|
| gptkbp:example |
Reusing the same IV in CBC mode encryption
Reusing the same nonce in stream ciphers |
| gptkbp:externalLink |
https://cwe.mitre.org/data/definitions/323.html
|
| gptkbp:hasCWE |
323
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-323
|
| gptkbp:likelihoodOfExploit |
High
|
| gptkbp:mitigatedBy |
Ensure that nonces, IVs, and key pairs are unique for each cryptographic operation.
|
| gptkbp:name |
Reusing a Nonce, Key Pair in Encryption
|
| gptkbp:partOf |
gptkb:CWE
|
| gptkbp:relatedTo |
CWE-329
CWE-324 |
| gptkbp:status |
Active
|
| gptkbp:weakness |
gptkb:Base
|
| gptkbp:bfsParent |
gptkb:CVE-2017-13077
gptkb:CVE-2017-13079 gptkb:CVE-2017-13082 gptkb:CVE-2017-13083 gptkb:CVE-2017-13086 gptkb:CVE-2017-13088 |
| gptkbp:bfsLayer |
7
|