[MASWE-0020] Weak Encryption (by @appknox) #2910
Conversation
There was a problem hiding this comment.
Finished the weakness part. I applied my suggestions, let me know if anything to change from your end. Please look into the meta data of the weakness and clean it up accordingly.
Will look into the other parts in the upcoming days. Thanks for your contribution!
|
|
||
| ## Overview | ||
|
|
||
| In this test case, we will look for the use of weak encryption in Android applications. To do this, we need to focus on the cryptographic implementations of algorithm such as DES, 3DES,Weak encryption modes (e.g. ECB) and Cipher.getInstance("AES") defaults to ECB. |
There was a problem hiding this comment.
This needs to be more elaborate, similar to https://mas.owasp.org/MASTG/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0208/
Be careful with missing whitespace and ensure code elements are enclosed in backticks, e.g., Cipher
Also, try to use the refs we included in MASWE-0020 wherever possible as inline links for the text. Especially the ones from Support Google and Developer Android.
| @@ -0,0 +1,33 @@ | |||
| --- | |||
| platform: android | |||
| title: Weak Encryption | |||
There was a problem hiding this comment.
To go inline with MAST-DEMO-0018
| title: Weak Encryption | |
| title: Uses of Insecure Encryption Algorithms in Cipher with semgrep |
|
@cpholguera noted. will work on the requested changes |
|
Thank you very much @sk3l10x1ng! |
|
@cpholguera @sushi2k, requested changes have been done. thank you |
| @@ -0,0 +1,27 @@ | |||
| --- | |||
| title: Weak Encryption Algorithms | |||
There was a problem hiding this comment.
Please remove this file, we already have the one for algorithms: https://mas.owasp.org/MASTG/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0221/
There was a problem hiding this comment.
@cpholguera does this file need to be completely removed or only remove the DES algorithm section?
There was a problem hiding this comment.
This file can be completely removed. We already have this test in https://mas.owasp.org/MASTG/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0221/ including DES as well.
| - Always use modern, well-established cryptographic libraries in mobile apps that follow best practices and offer cryptographic algorithms that are aligned with the recommendations by NIST. | ||
| - For example it is recommended to use secure modes of operations like GCM (Galois/Counter Mode) mode for AES with 256-bit keys, providing both encryption and authentication. |
There was a problem hiding this comment.
We can rework this section to mirror the previous one adding one mitigation for each of the modes of introduction.
| - Always use modern, well-established cryptographic libraries in mobile apps that follow best practices and offer cryptographic algorithms that are aligned with the recommendations by NIST. | |
| - For example it is recommended to use secure modes of operations like GCM (Galois/Counter Mode) mode for AES with 256-bit keys, providing both encryption and authentication. | |
| - **Adopt Secure Algorithms**: Replace deprecated algorithms such as DES, 3DES, MD5, and SHA-1 with AES (minimum 256-bit key) and SHA-256 or higher. | |
| - **Use Secure Encryption Modes**: Choose secure modes such as AES-GCM or AES-CCM and avoid insecure modes such as ECB. | |
| - **Ensure Proper Initialization Vector Management**: Generate IVs using cryptographically secure random number generators and ensure they are unique for every operation. | |
| - **Use Strong Key Sizes**: Enforce key lengths of at least 256 bits for AES and avoid using small or weak keys such as 56-bit DES keys. | |
| - **Rely on Proper Cryptographic Libraries**: Avoid using XOR, Base64 encoding, or obfuscation as substitutes for encryption and rely on well-vetted cryptographic libraries. |
|
|
||
| ### Evaluation | ||
|
|
||
| Review each of the reported instances. |
There was a problem hiding this comment.
| Review each of the reported instances. | |
| The reported instances include: |
| - Line 37 seems the code utilize insecure DES algorithm. | ||
| - Line 56 seems to utilize Cipher.getInstance("AES") defaults to ECB, which is insecure. | ||
| - Line 79 seems the code utilize insecure 3DES algorithm. |
There was a problem hiding this comment.
it's using it, right? It doesn't "seem" like it's using it.
| @@ -0,0 +1,33 @@ | |||
| --- | |||
| platform: android | |||
| title: Uses of Insecure Encryption Algorithms in Cipher with semgrep | |||
There was a problem hiding this comment.
Please add another demo for title: Uses of Insecure Encryption Modes in Cipher with semgrep and test: MASTG-TEST-0231
There was a problem hiding this comment.
- do we need to create new Demo file for
title: Uses of Insecure Encryption Modes in Cipher with semgrepor make changes to the existing one. - The
test:MASTG-TEST-0231point to Reference to logging of APIs.
There was a problem hiding this comment.
The ID of the "Weak Encryption Modes" has changed to MASTG-TEST-0232 https://mas.owasp.org/MASTG/tests-beta/android/MASVS-CRYPTO/MASTG-TEST-0232/
You may add a new demo pointing to that test or do it on a separate PR.
You can keep this demo with the changes indicated below.
|
@sk3l10x1ng any news on this? Thanks! |
|
@cpholguera will work on the request changes |
|
Thank you! |
| title: Uses of Insecure Encryption Algorithms in Cipher with semgrep | ||
| id: MASTG-DEMO-0016 | ||
| code: [java] | ||
| test: MASTG-TEST-0211 |
There was a problem hiding this comment.
This can point to the existing test
| test: MASTG-TEST-0211 | |
| test: MASTG-TEST-0221 |
|
|
||
| ### Observation | ||
|
|
||
| The rule has identified five instances in the code file where an insecure encryption is used. The specified line numbers can be located in the original code for further investigation and remediation. |
There was a problem hiding this comment.
| The rule has identified five instances in the code file where an insecure encryption is used. The specified line numbers can be located in the original code for further investigation and remediation. | |
| The rule has identified five instances in the code file where insecure encryption algorithms are used. |
|
@sk3l10x1ng we still have some requested changes here, do you have any news? |
I've completed the demo locally, I will push the commits to the pull request |
|
@cpholguera I've added a new demo file. Please review it |
|
Hi @sk3l10x1ng, I still can see only one demo, unfortunately. Could you please double check? The following demos (each in its own folder) are expected:
This would include 2 separate semgrep files. |
@cpholguera updated the pull request with two demos |
|
I can see them now, thank you! |
|
|
||
| For example the use of TDEA (Triple Data Encryption Algorithm), which is often referred to as "Triple DES" or "3DES" is disallowed by NIST since end of 2023, due to known attacks like, "meet-in-the-middle", collision attacks and [Sweet32](https://nvd.nist.gov/vuln/detail/CVE-2016-2183). | ||
|
|
||
| Similarly, hash functions such as MD5 and SHA-1, which were previously popular for ensuring data integrity, are now considered deprecated as attackers can generate hash collisions, potentially leading to data tampering. |
|
|
||
| ## Mode of Introduction | ||
|
|
||
| - **Use of Deprecated Algorithms** : Relying on outdated or weak cryptographic algorithms can allow threat actors to attack the cipher text, key or exploit known vulnerabilities in the algorithm, for example through brute force attacks. |
There was a problem hiding this comment.
| - **Use of Deprecated Algorithms** : Relying on outdated or weak cryptographic algorithms can allow threat actors to attack the cipher text, key or exploit known vulnerabilities in the algorithm, for example through brute force attacks. | |
| - **Use of Deprecated Algorithms** : Relying on outdated or weak encryption algorithms can allow threat actors to attack the cipher text, key or exploit known vulnerabilities in the algorithm, for example through brute force attacks. |
| @@ -0,0 +1,12 @@ | |||
| rules: | |||
| - id: weak-encryption | |||
There was a problem hiding this comment.
| - id: weak-encryption | |
| - id: weak-encryption-algorithms |
There was a problem hiding this comment.
Rename to MastgTest_reversed.java (see other demos)
There was a problem hiding this comment.
Rename to MastgTest_reversed.java (see other demos)
| languages: | ||
| - java | ||
| severity: WARNING | ||
| message: Weak encryption modes |
There was a problem hiding this comment.
| message: Weak encryption modes | |
| message: [MASVS-CRYPTO-1] Weak encryption modes found in use. |
| - pattern: Cipher.getInstance("AES/ECB/ISO10126Padding") | ||
| - pattern: Cipher.getInstance("DES/ECB/PKCS5Padding") | ||
| - pattern: Cipher.getInstance("DESede/ECB/PKCS5Padding") | ||
| metadata: |
| - pattern: Cipher.getInstance("DES/ECB/PKCS5Padding") | ||
| - pattern: Cipher.getInstance("DESede/ECB/PKCS5Padding") | ||
| metadata: | ||
| summary: This rule looks for weak encryption mode like AES/ECB/NoPadding, |
There was a problem hiding this comment.
Update to be one line:
This rule looks for weak encryption modes such as AES-ECB.
There was a problem hiding this comment.
After all other changes were made. Rerun and push new outputs
There was a problem hiding this comment.
Update rule file name here as well.
After all other changes were made. Rerun and push new outputs
#2584 closes