Abstraction: Base · Status: Draft

CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation

Category: other

Description

To fulfill the need for a cryptographic primitive, the product implements a cryptographic algorithm using a non-standard, unproven, or disallowed/non-compliant cryptographic implementation.

Common consequences · 1

  • Confidentiality — Read Application Data
    Incorrect usage of crypto primitives could render the supposedly encrypted data as unencrypted plaintext in the worst case.

Potential mitigations · 5

  • [Requirements] Require compliance with the strongest-available recommendations from trusted parties, and require that compliance must be kept up-to-date, since recommendations evolve over time. For example, US government systems require FIPS 140-3 certification, which supersedes FIPS 140-2 [REF-1192] [REF-267].
  • [Architecture and Design] Ensure that the architecture/design uses the strongest-available primitives and algorithms from trusted parties. For example, US government systems require FIPS 140-3 certification, which supersedes FIPS 140-2 [REF-1192] [REF-267].
  • [Architecture and Design] Do not develop custom or private cryptographic algorithms. They will likely be exposed to attacks that are well-understood by cryptographers. As with all cryptographic mechanisms, the source code should be available for analysis. If the algorithm may be compromised when attackers find out how it works, then it is especially weak.
  • [Architecture and Design] Try not to use cryptographic algorithms in novel ways or with new modes of operation, even when you "know" the construction is secure. For example, chaining SHA-2 outputs to build a one-time pad for encryption might sound like a good idea, but it should not be done.
  • [Architecture and Design] Ensure that the design can replace one cryptographic primitive or algorithm with another in the next generation ("cryptographic agility"). Where possible, use wrappers to make the interfaces uniform; this makes it easier to upgrade to stronger algorithms. This is especially important for hardware, which can be more difficult to upgrade quickly than software, so design the hardware at a replaceable block level.
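The agility mitigation above, shown as an added example that is not part of the CWE entry: a uniform message-authentication wrapper over a registry of approved primitives (here standard-library HMAC-SHA256 and HMAC-SHA3-256, chosen as assumptions), where the algorithm id is carried in the tag and bound into the MAC input, unknown or custom ids are refused, and a deprecated entry can be kept verify-only while new tags move to the stronger one.

```python
"""Cryptographic-agility wrapper: callers use protect()/verify() and never
name a primitive; the primitive is chosen from an approved registry."""
import hashlib
import hmac

# Registry of approved primitives, keyed by a 1-byte algorithm id that is
# written into every tag. Ids are never reused, so a retired entry can be
# deleted later without ambiguity. (Choice of algorithms is an assumption.)
APPROVED = {
    1: hashlib.sha256,    # HMAC-SHA256, being phased out in this example
    2: hashlib.sha3_256,  # HMAC-SHA3-256, current default
}
DEFAULT_ALG = 2
VERIFY_ONLY = {1}  # still accepted on old tags, no longer used to create tags


def _tag(key: bytes, msg: bytes, alg: int) -> bytes:
    """Raw MAC. The algorithm id is part of the authenticated input, so a
    tag computed under one primitive cannot be relabelled as another."""
    return hmac.new(key, bytes([alg]) + msg, APPROVED[alg]).digest()


def protect(key: bytes, msg: bytes, alg: int = DEFAULT_ALG) -> bytes:
    """Return <alg id byte> || MAC, using only an approved, non-retired id."""
    if alg not in APPROVED or alg in VERIFY_ONLY:
        raise ValueError(f"algorithm id {alg} is not approved for new tags")
    return bytes([alg]) + _tag(key, msg, alg)


def verify(key: bytes, msg: bytes, blob: bytes) -> bool:
    """Accept any approved id (including verify-only ones) so data protected
    before a migration still checks; refuse anything outside the registry
    rather than guessing, and compare in constant time."""
    if not blob:
        return False
    alg = blob[0]
    if alg not in APPROVED:
        return False
    return hmac.compare_digest(_tag(key, msg, alg), blob[1:])


if __name__ == "__main__":
    k = b"constructed-demo-key"          # constructed sample key
    t = protect(k, b"order=42")
    print(t[0], verify(k, b"order=42", t), verify(k, b"order=43", t))
```

Migrating to a new primitive is then a registry change: add an id, make it the default, and move the old id into VERIFY_ONLY until no tags under it remain.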

Related CAPEC attack patterns · 1

CAPEC-97

References

  1. https://cwe.mitre.org/data/definitions/1240.html

Exploits (incoming) · 1

Type            Target                      Confidence   Tier
AttackPattern   Cryptanalysis (capec-97)    100%         live

(incoming) · 1

Type            Target                              Confidence   Tier
Vulnerability   CVE-2025-24802 (cve-2025-24802)     0%           live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Use of a Broken or Risky Cryptographic Algorithm
  • CWE: Improperly Implemented Security Check for Standard
  • CWE: Violation of Secure Design Principles
  • CWE: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
  • CWE: Inadequate Encryption Strength
  • CWE: Use of Insufficiently Random Values

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.