
I'm a pentester and currently analysing a web application which is using some


Question

I'm a pentester and currently analysing a web application which is using some strange encryption scheme.

The point is: they encrypt using AES-128, generate a (not cryptographically secure) key and use this as encryption key AND initialization vector.

I'm not a crypto expert, but I know that this is bad (aside from the insecure generation of the key). The problem is that I don't know what the concrete consequences are.

Can someone please enlighten me, so I can explain to the developers that this is bad? Thanks

Explanation / Answer

If they are not generating a new key for every encryption, then the other answers apply.

If they are generating a new random key for every encryption, then there are no glaring security holes (since they are using a poor random number generator, even if they think they are generating new keys for every encryption, they might not be).

That said, if they are generating a new key for every encryption and switch to a good random number generator, you should still try to talk them out of doing what they are doing. The reason being, they are not following the well-studied standards. No cryptanalyst that I am aware of has studied the particular construction they are (potentially) using (key==iv, iv not sent in the clear, new random key for every encryption). So, there might be unknown weaknesses. Why not use standard practices and at least know that lots of people have studied your construction and have not found problems?
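As an added example (not part of the answer above and not the application's code), this Node.js sketch shows one well-studied layout to contrast with key == IV: the key comes from the OS CSPRNG, and every message gets its own random IV that is sent in the clear next to the ciphertext. The choice of GCM mode, the `iv || tag || ciphertext` layout and the function names are assumptions; the page names only AES-128.

```javascript
const nodeCrypto = require('node:crypto');

const KEY_BYTES = 16; // AES-128, as in the question
const IV_BYTES = 12;  // 96-bit nonce, the size GCM is specified around
const TAG_BYTES = 16; // full-length authentication tag

// The key comes from the OS CSPRNG, not from Math.random() or a timestamp.
function generateKey() {
  return nodeCrypto.randomBytes(KEY_BYTES);
}

// Returns iv || tag || ciphertext. The IV is public and travels with the message.
function encrypt(key, plaintext, aad = Buffer.alloc(0)) {
  if (!Buffer.isBuffer(key) || key.length !== KEY_BYTES) {
    throw new Error('key must be a 16-byte Buffer');
  }
  // Fresh for every message and never derived from, or equal to, the key.
  const iv = nodeCrypto.randomBytes(IV_BYTES);
  const cipher = nodeCrypto.createCipheriv('aes-128-gcm', key, iv, { authTagLength: TAG_BYTES });
  cipher.setAAD(aad);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}

// Throws if the IV, tag, ciphertext or associated data was modified.
function decrypt(key, message, aad = Buffer.alloc(0)) {
  if (message.length < IV_BYTES + TAG_BYTES) {
    throw new Error('message too short');
  }
  const iv = message.subarray(0, IV_BYTES);
  const tag = message.subarray(IV_BYTES, IV_BYTES + TAG_BYTES);
  const ct = message.subarray(IV_BYTES + TAG_BYTES);
  const decipher = nodeCrypto.createDecipheriv('aes-128-gcm', key, iv, { authTagLength: TAG_BYTES });
  decipher.setAAD(aad);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ct), decipher.final()]);
}
```

Because the IV is random per message, encrypting the same plaintext twice under one key yields different outputs, and the tag check makes any modification fail at `decipher.final()`.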
