Key Exchange without Entity AuthenticationID: 322 | Date: (C)2012-05-14 (M)2022-10-10 |
Type: weakness | Status: DRAFT |
Abstraction Type: Base |
Description
The software performs a key exchange with an actor without
verifying the identity of that actor.
Extended DescriptionPerforming a key exchange will preserve the integrity of the information
sent between two entities, but this will not guarantee that the entities are
who they claim they are. This may enable a set of "man-in-the-middle"
attacks. Typically, this involves a victim client that contacts a malicious
server that is impersonating a trusted server. If the client skips
authentication or ignores an authentication failure, the malicious server
may request authentication information from the user. The malicious server
can then use this authentication information to log in to the trusted server
using the victim's credentials, sniff traffic between the victim and trusted
server, etc.
Likelihood of Exploit: High
Applicable PlatformsLanguage Class: All
Time Of Introduction
Common Consequences
Scope | Technical Impact | Notes |
---|
Access_Control | Bypass protection
mechanism | No authentication takes place in this process, bypassing an assumed
protection of encryption. |
Confidentiality | Read application
data | The encrypted communication between a user and a trusted host may be
subject to a "man-in-the-middle" sniffing attack. |
Detection MethodsNone
Potential Mitigations
Phase | Strategy | Description | Effectiveness | Notes |
---|
Architecture and Design | | Ensure that proper authentication is included in the system
design. | | |
Implementation | | Understand and properly implement all checks necessary to ensure the
identity of entities involved in encrypted communications. | | |
Relationships
Related CWE | Type | View | Chain |
---|
CWE-322 ChildOf CWE-903 | Category | CWE-888 | |
Demonstrative Examples (Details)
- Many systems have used Diffie-Hellman key exchange without
authenticating the entities exchanging keys, leading to man-in-the-middle
attacks. Many people using SSL/TLS skip the authentication (often
unknowingly).
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
Taxynomy | Id | Name | Fit |
---|
CLASP | | Key exchange without entity authentication | |
References:
- Michael Howard David LeBlanc John Viega .24 Deadly Sins of Software Security. McGraw-Hill. Section:'"Sin 23: Improper Use of PKI, Especially SSL." Page
347'. Published on 2010.
- Mark Dowd John McDonald Justin Schuh .The Art of Software Security Assessment 1st Edition. Addison Wesley. Section:'Chapter 2, "Untrustworthy Credentials", Page
37.'. Published on 2006.