Insecure generation of random numbers - Static IV

Need

Ensuring secure initialization vectors for cryptographic operations

Context

• Usage of Elixir (version 1.10 and above) for building scalable and fault-tolerant applications

• Usage of Plug and Cowboy for HTTP request and response handling

• Usage of Ecto for data persistence

• Usage of crypto for cryptographic operations

Description

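1. Non-compliant code

defmodule MyApp.Crypto do
  # Hardcoded IV: every call encrypts under the same key/IV pair.
  @iv "0123456789abcdef"
  def encrypt(data, key) do
    # :crypto.block_encrypt/4 was removed in OTP 24; it does no padding,
    # so data must already be a multiple of the 16-byte block size.
    :crypto.block_encrypt(:aes_cbc128, key, @iv, data)
  end
end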

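In this insecure code, a static, hardcoded initialization vector (IV) is used in the AES encryption. With the same key and the same IV, CBC encrypts plaintexts that begin with the same blocks into ciphertexts that begin with the same blocks. Using a static IV for multiple encryptions with the same key therefore allows an attacker to analyze the patterns across ciphertexts and potentially reverse-engineer the key.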

2. Steps

• Use :crypto.strong_rand_bytes to generate a random initialization vector for each encryption.

• Avoid using static, hardcoded initialization vectors.

3. Secure code example

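defmodule MyApp.Crypto do
  def encrypt(data, key) do
    # Fresh 16-byte IV from the CSPRNG for every encryption.
    iv = :crypto.strong_rand_bytes(16)
    # Return the IV with the ciphertext: it is not secret, and
    # decryption needs it.
    {iv, :crypto.block_encrypt(:aes_cbc128, key, iv, data)}
  end
end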

In the secure version, a new random initialization vector (IV) is generated for each encryption using :crypto.strong_rand_bytes. This method provides sufficient randomness and high entropy, which makes it very difficult for an attacker to predict the IVs.
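
The script below is an added example, not code from the original page. It shows what the static IV from the non-compliant snippet leaks and how a per-message random IV removes that leak. It assumes OTP 23 or later and uses `:crypto.crypto_one_time/5` with PKCS padding in place of `:crypto.block_encrypt/4`; the module name `StaticIvDemo`, its function names, and the sample records are constructed for illustration.

```elixir
# Added example (not the page's code). Assumes OTP 23+ for the :padding option.
defmodule StaticIvDemo do
  @cipher :aes_128_cbc
  # Same hardcoded IV as the non-compliant snippet on this page.
  @static_iv "0123456789abcdef"

  # Non-compliant: every message is encrypted under the same IV.
  def encrypt_static(data, key), do: cbc(key, @static_iv, data, true)

  # Compliant: fresh random IV per message, prepended so the receiver can decrypt.
  def encrypt(data, key) do
    iv = :crypto.strong_rand_bytes(16)
    iv <> cbc(key, iv, data, true)
  end

  # Splits the IV off the front of the message and decrypts the rest.
  def decrypt(<<iv::binary-size(16), ciphertext::binary>>, key) do
    cbc(key, iv, ciphertext, false)
  end

  # First ciphertext block, which is all an observer needs to compare.
  def first_block(<<block::binary-size(16), _rest::binary>>), do: block

  defp cbc(key, iv, data, encrypt?) do
    :crypto.crypto_one_time(@cipher, key, iv, data, encrypt: encrypt?, padding: :pkcs_padding)
  end
end

# Constructed sample data: two records sharing the same first 16 bytes.
key = :crypto.strong_rand_bytes(16)
msg_a = "account=alice001;amount=10"
msg_b = "account=alice001;amount=9999"

static_a = StaticIvDemo.encrypt_static(msg_a, key)
static_b = StaticIvDemo.encrypt_static(msg_b, key)
IO.inspect(StaticIvDemo.first_block(static_a) == StaticIvDemo.first_block(static_b),
  label: "static IV: first ciphertext blocks equal")

# Skip the 16-byte IV prefix before comparing the random-IV ciphertexts.
<<_iv_a::binary-size(16), rand_a::binary>> = StaticIvDemo.encrypt(msg_a, key)
<<_iv_b::binary-size(16), rand_b::binary>> = StaticIvDemo.encrypt(msg_b, key)
IO.inspect(StaticIvDemo.first_block(rand_a) == StaticIvDemo.first_block(rand_b),
  label: "random IV: first ciphertext blocks equal")

IO.inspect(StaticIvDemo.decrypt(StaticIvDemo.encrypt(msg_a, key), key) == msg_a,
  label: "round trip recovers plaintext")
```

Save it as a `.exs` file and run it with `elixir`. The same comparison of first ciphertext blocks works as a regression check in a test suite to catch a reintroduced fixed IV.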