Statements (27)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
gptkbp:affectedResource |
Cryptographic Protocols
|
gptkbp:category |
Cryptographic Issues
|
gptkbp:consequence |
Information Disclosure
Loss of Confidentiality Loss of Integrity |
gptkbp:describes |
The software uses the same nonce value, key pair, or initialization vector (IV) more than once in a cryptographic algorithm, which can significantly weaken the security of the algorithm.
|
gptkbp:example |
Reusing the same IV in CBC mode encryption
Reusing the same nonce in stream ciphers |
gptkbp:externalLink |
https://cwe.mitre.org/data/definitions/323.html
|
gptkbp:hasCWE |
323
|
https://www.w3.org/2000/01/rdf-schema#label |
CWE-323
|
gptkbp:likelihoodOfExploit |
High
|
gptkbp:mitigatedBy |
Ensure that nonces, IVs, and key pairs are unique for each cryptographic operation.
|
gptkbp:name |
Reusing a Nonce, Key Pair in Encryption
|
gptkbp:partOf |
gptkb:CWE
|
gptkbp:relatedTo |
CWE-329
CWE-324 |
gptkbp:status |
Active
|
gptkbp:weakness |
gptkb:Base
|
gptkbp:bfsParent |
gptkb:CVE-2017-13077
gptkb:CVE-2017-13079 gptkb:CVE-2017-13082 gptkb:CVE-2017-13083 gptkb:CVE-2017-13086 gptkb:CVE-2017-13088 |
gptkbp:bfsLayer |
7
|