CWE-1279: Cryptographic Operations are run Before Supporting Units are Ready
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
Performing cryptographic operations without ensuring that the supporting inputs are ready to supply valid data may compromise the cryptographic result.
扩展描述
Many cryptographic hardware units depend upon other hardware units to supply information to them to produce a securely encrypted result. For example, a cryptographic unit that depends on an external random-number-generator (RNG) unit for entropy must wait until the RNG unit is producing random numbers. If a cryptographic unit retrieves a private encryption key from a fuse unit, the fuse unit must be up and running before a key may be supplied.
常见后果
影响范围: Access Control Confidentiality Integrity Availability Accountability Authentication Authorization Non-Repudiation
技术影响: Varies by Context
潜在缓解措施
阶段: Architecture and Design
描述: Best practices should be used to design cryptographic systems.
阶段: Implementation
描述: Continuously ensuring that cryptographic inputs are supplying valid information is necessary to ensure that the encrypted output is secure.
引入模式
| 阶段 | 说明 |
|---|---|
| Architecture and Design | - |
| Implementation | The decision to continue using a cryptographic unit even though the input units to it are not producing valid data will compromise the encrypted result. |