The software does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by that algorithm.
Cryptographic implementations should follow the algorithms that define them exactly, otherwise encryption can be weaker than expected.
Time of Introduction
Architecture and Design
Modes of Introduction
Developers sometimes omit certain "expensive" (resource-intensive) steps
in order to improve performance, especially in devices with limited memory
or CPU cycles. This could be done under a mistaken impression that the step
is unnecessary for preserving security. Alternately, the developer might
adopt a threat model that is inconsistent with that of its consumers by
accepting a risk for which the remaining protection seems "good
This issue can be introduced when the requirements for the algorithm are
not clearly stated.
Technical Impact: Bypass protection
If the cryptographic algorithm is used for authentication and
authorization, then an attacker could gain unauthorized access to the
Technical Impact: Read application data; Modify application data
Sensitive data may be compromised by the use of a broken or risky
Technical Impact: Hide activities
If the cryptographic algorithm is used to ensure the identity of the
source of the data (such as digital signatures), then a broken algorithm
will compromise this scheme and the source of the data cannot be