Status: Draft Weakness ID: 326 (Weakness Class)Summary Insufficiently strong encryption schemes may not adequately secure secret data from attackers. Attackers can guess or use brute force attacks to break weakly encrypted schemes.
Architecture and Design Use a cryptographic algorithm that is currently considered to be strong by experts in the field.
A variety of encryption algorithms exist, with various weaknesses. This category could probably be split into smaller sub-categories. Submissions PLOVER. (Externally Mined) Modifications Veracode. 2008-08-15. (External) Suggested OWASP Top Ten 2004
mapping CWE Content Team. MITRE. 2008-09-08. (Internal) updated Maintenance_Notes, Relationships,
Taxonomy_Mappings CWE Content Team. MITRE. 2009-03-10. (Internal) updated Relationships CWE Content Team. MITRE. 2009-05-27. (Internal) updated Related_Attack_Patterns |
|
Page Last Updated:
May 26, 2009
|
|
CWE is a Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security. This Web site is hosted by The MITRE Corporation. Contact cwe@mitre.org for more information. |
|||
