Saturday, April 16, 2022

[Research][ASP.NET] Resolving the Weak Encryption: Insecure Mode of Operation Issue That Fortify SCA Reports for CipherMode.CBC (Part 1)


2022-04-16

The events in this series of posts did not happen today; today is just when I wrote them up.


The offending code is:

rijAlg.Mode = CipherMode.CBC;   


********************************************************************************

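Fortify SCA's recommendation

Recommendations:

When encrypting data larger than one block, avoid the ECB and CBC modes of operation. When used with SSL, CBC mode is somewhat less efficient and poses a serious risk [1]. Instead, use CCM (Counter with CBC-MAC) mode or, if performance is the priority, GCM (Galois/Counter Mode) mode, if available.

Example 2: The following code uses AES encryption with GCM mode: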

  ...

  var cipher = new AesGcm(securityKeyArray)

  ...

References:

[1] CVE 2014-3566, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566

[2] Timing vulnerabilities with CBC-mode symmetric decryption using padding, https://docs.microsoft.com/en-us/dotnet/standard/security/vulnerabilities-cbc-mode

[3] Standards Mapping - Common Weakness Enumeration, CWE ID 327

[4] Standards Mapping - DISA Control Correlation Identifier Version 2, CCI-002450

[5] Standards Mapping - FIPS200, MP

[6] Standards Mapping - General Data Protection Regulation, Insufficient Data Protection

[7] Standards Mapping - NIST Special Publication 800-53 Revision 4, SC-13 Cryptographic Protection (P1)

[8] Standards Mapping - NIST Special Publication 800-53 Revision 5, SC-13 Cryptographic Protection

[9] Standards Mapping - OWASP Application Security Verification Standard 4.0, 2.6.3 Look-up Secret Verifier Requirements (L2 L3), 2.9.3 Cryptographic Software and Devices Verifier Requirements (L2 L3), 6.2.1 Algorithms (L1 L2 L3), 6.2.2 Algorithms (L2 L3), 8.3.7 Sensitive Private Data (L2 L3), 9.1.2 Communications Security Requirements (L1 L2 L3), 9.1.3 Communications Security Requirements (L1 L2 L3)

[10] Standards Mapping - OWASP Mobile Top 10 Risks 2014, M6 Broken Cryptography

[11] Standards Mapping - OWASP Top 10 2004, A8 Insecure Storage

[12] Standards Mapping - OWASP Top 10 2007, A8 Insecure Cryptographic Storage

[13] Standards Mapping - OWASP Top 10 2010, A7 Insecure Cryptographic Storage

[14] Standards Mapping - OWASP Top 10 2013, A6 Sensitive Data Exposure

[15] Standards Mapping - OWASP Top 10 2017, A3 Sensitive Data Exposure

[16] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1, Requirement 6.5.8

[17] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2, Requirement 6.3.1.3, Requirement 6.5.8

[18] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0, Requirement 6.5.3

[19] Standards Mapping - Payment Card Industry Data Security Standard Version 3.0, Requirement 6.5.3

[20] Standards Mapping - Payment Card Industry Data Security Standard Version 3.1, Requirement 6.5.3

[21] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2, Requirement 6.5.3

[22] Standards Mapping - Payment Card Industry Data Security Standard Version 3.2.1, Requirement 6.5.3

[23] Standards Mapping - Payment Card Industry Software Security Framework 1.0, Control Objective 7.4 - Use of Cryptography

[24] Standards Mapping - Payment Card Industry Software Security Framework 1.1, Control Objective 7.4 - Use of Cryptography

[25] Standards Mapping - SANS Top 25 2009, Porous Defenses - CWE ID 327

[26] Standards Mapping - SANS Top 25 2010, Porous Defenses - CWE ID 327

[27] Standards Mapping - SANS Top 25 2011, Porous Defenses - CWE ID 327

[28] Standards Mapping - Security Technical Implementation Guide Version 3.1, APP3150.1 CAT II

[29] Standards Mapping - Security Technical Implementation Guide Version 3.10, APP3150.1 CAT II

[30] Standards Mapping - Security Technical Implementation Guide Version 3.4, APP3150.1 CAT II

[31] Standards Mapping - Security Technical Implementation Guide Version 3.5, APP3150.1 CAT II

[32] Standards Mapping - Security Technical Implementation Guide Version 3.6, APP3150.1 CAT II

[33] Standards Mapping - Security Technical Implementation Guide Version 3.7, APP3150.1 CAT II

[34] Standards Mapping - Security Technical Implementation Guide Version 3.9, APP3150.1 CAT II

[35] Standards Mapping - Security Technical Implementation Guide Version 4.1, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[36] Standards Mapping - Security Technical Implementation Guide Version 4.10, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[37] Standards Mapping - Security Technical Implementation Guide Version 4.11, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[38] Standards Mapping - Security Technical Implementation Guide Version 4.2, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[39] Standards Mapping - Security Technical Implementation Guide Version 4.3, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[40] Standards Mapping - Security Technical Implementation Guide Version 4.4, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[41] Standards Mapping - Security Technical Implementation Guide Version 4.5, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[42] Standards Mapping - Security Technical Implementation Guide Version 4.6, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[43] Standards Mapping - Security Technical Implementation Guide Version 4.7, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[44] Standards Mapping - Security Technical Implementation Guide Version 4.8, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[45] Standards Mapping - Security Technical Implementation Guide Version 4.9, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

[46] Standards Mapping - Security Technical Implementation Guide Version 5.1, APSC-DV-002010 CAT II, APSC-DV-002040 CAT II

********************************************************************************

Solution:

CipherMode Enum (System.Security.Cryptography) | Microsoft Docs

https://docs.microsoft.com/zh-tw/dotnet/api/system.security.cryptography.ciphermode?view=netframework-4.8&f1url=%3FappId%3DDev16IDEF1%26l%3DZH-TW%26k%3Dk(System.Security.Cryptography.CipherMode.OFB);k(TargetFrameworkMoniker-.NETFramework,Version%253Dv4.8);k(DevLang-csharp)%26rd%3Dtrue

Microsoft recommends against ECB, and Fortify SCA says CBC is insecure and recommended CTR (Fortify later revised its description and no longer mentions it), but CipherMode does not support CTR, so I picked CTS, which has a higher enum value (value 5).


rijAlg.Mode = CipherMode.CTS;   

It compiles without errors.

(End)

Related

[Research][ASP.NET] Resolving the Weak Encryption: Insecure Mode of Operation Issue That Fortify SCA Reports for CipherMode.CBC (Part 1)
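Added example, not code from the original post or from Fortify: the recommendation's `new AesGcm(...)` fragment completed into an authenticated encrypt/decrypt round trip that rejects a modified ciphertext, preceded by a run-time check of whether the platform's AES implementation accepts `CipherMode.CTS`. Assumptions: .NET Core 3.0 or later (`AesGcm` is not part of .NET Framework 4.8), `Aes.Create()` standing in for the post's `rijAlg`, and a `nonce || tag || ciphertext` layout and sample values constructed for this example.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
static class GcmExample
{
    const int NonceSize = 12, TagSize = 16; // 96-bit nonce, 128-bit authentication tag
    // Output layout chosen for this example: nonce || tag || ciphertext
    static byte[] Encrypt(byte[] key, byte[] plaintext, byte[] aad)
    {
        byte[] nonce = new byte[NonceSize], tag = new byte[TagSize];
        byte[] ciphertext = new byte[plaintext.Length];
        RandomNumberGenerator.Fill(nonce); // a nonce must never repeat under the same key
        using (var gcm = new AesGcm(key))
            gcm.Encrypt(nonce, plaintext, ciphertext, tag, aad);
        byte[] box = new byte[NonceSize + TagSize + ciphertext.Length];
        Buffer.BlockCopy(nonce, 0, box, 0, NonceSize);
        Buffer.BlockCopy(tag, 0, box, NonceSize, TagSize);
        Buffer.BlockCopy(ciphertext, 0, box, NonceSize + TagSize, ciphertext.Length);
        return box;
    }

    static byte[] Decrypt(byte[] key, byte[] box, byte[] aad)
    {
        if (box.Length < NonceSize + TagSize) throw new CryptographicException("Input too short.");
        var nonce = new ReadOnlySpan<byte>(box, 0, NonceSize);
        var tag = new ReadOnlySpan<byte>(box, NonceSize, TagSize);
        var ciphertext = new ReadOnlySpan<byte>(box, NonceSize + TagSize, box.Length - NonceSize - TagSize);
        byte[] plaintext = new byte[ciphertext.Length];
        using (var gcm = new AesGcm(key))
            gcm.Decrypt(nonce, ciphertext, tag, plaintext, aad); // throws if the tag does not verify
        return plaintext;
    }

    static void Main()
    {
        using (Aes aes = Aes.Create()) // CTS is an enum member, so it compiles; the setter validates at run time
        {
            try { aes.Mode = CipherMode.CTS; Console.WriteLine("CipherMode.CTS accepted"); }
            catch (CryptographicException e) { Console.WriteLine("CipherMode.CTS rejected: " + e.Message); }
        }
        byte[] key = new byte[32]; // constructed sample key; real keys come from a key store
        RandomNumberGenerator.Fill(key);
        byte[] aad = Encoding.UTF8.GetBytes("record-id=42"); // constructed sample context, authenticated but not encrypted
        byte[] box = Encrypt(key, Encoding.UTF8.GetBytes("sample plaintext"), aad);
        Console.WriteLine(Encoding.UTF8.GetString(Decrypt(key, box, aad)));
        box[box.Length - 1] ^= 0x01; // flip one ciphertext bit
        try { Decrypt(key, box, aad); Console.WriteLine("modification NOT detected"); }
        catch (CryptographicException) { Console.WriteLine("modification detected, nothing returned"); }
    }
}
```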
https://shaurong.blogspot.com/2022/04/aspnetfortify-sca-ciphermodecbc-weak.html

[Research][ASP.NET] Resolving the Weak Encryption: Insecure Mode of Operation Issue That Fortify SCA Reports for CipherMode.CBC (Part 2)
https://shaurong.blogspot.com/2022/04/aspnetaspnetfortify-sca-ciphermodecbc.html

[Research][ASP.NET] Resolving the Weak Encryption: Insecure Mode of Operation Issue That Fortify SCA Reports for CipherMode.CBC (Part 3)
https://shaurong.blogspot.com/2022/04/aspnetfortify-sca-ciphermodecbc-weak_16.html
