Détail du CWE-656

The product uses a protection mechanism whose strength depends heavily on its obscurity, such that knowledge of its algorithms or key data is sufficient to defeat the mechanism.

This reliance on "security through obscurity" can produce resultant weaknesses if an attacker is able to reverse engineer the inner workings of the mechanism. Note that obscurity can be one small part of defense in depth, since it can create more work for an attacker; however, it is a significant risk if used as the primary means of protection.

Modes d'introduction

Architecture and Design
Implementation : REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Plateformes applicables

Langue

Class: Not Language-Specific (Undetermined)

Conséquences courantes

Exemples observés

Mesures d’atténuation potentielles

Phases : Architecture and Design
Always consider whether knowledge of your code or design is sufficient to break it. Reverse engineering is a highly successful discipline, and financially feasible for motivated adversaries. Black-box techniques are established for binary analysis of executables that use obfuscation, runtime analysis of proprietary protocols, inferring file formats, and others.
Phases : Architecture and Design
When available, use publicly-vetted algorithms and procedures, as these are more likely to undergo more extensive security analysis and testing. This is especially the case with encryption and authentication.

Notes de cartographie des vulnérabilités

Justification : This CWE entry is a Class, but it does not have Base-level children.
Commentaire : This entry is classified in a part of CWE's hierarchy that does not have sufficiently low-level coverage, which might reflect a lack of classification-oriented weakness research in the software security community. Conduct careful root cause analysis to determine the original mistake that led to this weakness. If closer analysis reveals that this weakness is appropriate, then this might be the best available CWE to use for mapping. If no other option is available, then it is acceptable to map to this CWE.

NotesNotes

Note that there is a close relationship between this weakness and CWE-603 (Use of Client-Side Authentication). If developers do not believe that a user can reverse engineer a client, then they are more likely to choose client-side authentication in the belief that it is safe.

Références

REF-196

The Protection of Information in Computer Systems
Jerome H. Saltzer, Michael D. Schroeder.
http://web.mit.edu/Saltzer/www/publications/protection/

REF-544

Never Assuming that Your Secrets Are Safe
Sean Barnum, Michael Gegick.
https://web.archive.org/web/20220126060054/https://www.cisa.gov/uscert/bsi/articles/knowledge/principles/never-assuming-that-your-secrets-are-safe

REF-542

RFC: 793, TRANSMISSION CONTROL PROTOCOL
Jon Postel, Editor.
https://www.ietf.org/rfc/rfc0793.txt

Soumission

Modifications