CWE-323

GPTKB entity

Statements (27)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:affectedResource Cryptographic Protocols
gptkbp:category Cryptographic Issues
gptkbp:consequence Information Disclosure
Loss of Confidentiality
Loss of Integrity
gptkbp:describes The software uses the same nonce value, key pair, or initialization vector (IV) more than once in a cryptographic algorithm, which can significantly weaken the security of the algorithm.
gptkbp:example Reusing the same IV in CBC mode encryption
Reusing the same nonce in stream ciphers
gptkbp:externalLink https://cwe.mitre.org/data/definitions/323.html
gptkbp:hasCWE 323
https://www.w3.org/2000/01/rdf-schema#label CWE-323
gptkbp:likelihoodOfExploit High
gptkbp:mitigatedBy Ensure that nonces, IVs, and key pairs are unique for each cryptographic operation.
gptkbp:name Reusing a Nonce, Key Pair in Encryption
gptkbp:partOf gptkb:CWE
gptkbp:relatedTo CWE-329
CWE-324
gptkbp:status Active
gptkbp:weakness gptkb:Base
gptkbp:bfsParent gptkb:CVE-2017-13077
gptkb:CVE-2017-13079
gptkb:CVE-2017-13082
gptkb:CVE-2017-13083
gptkb:CVE-2017-13086
gptkb:CVE-2017-13088
gptkbp:bfsLayer 7