Cryptographic Security
5 automated security scanners
Key Management Assessment
Purpose: The Key Management Assessment Scanner evaluates key management practices by detecting key rotation policies, testing for hardcoded keys, checking key generation procedures, validating key storage security, and identifying key management weaknesses that could lead to key compromise, unauthorized decryption, or cryptographic failures.
What It Detects:
- Key Rotation Policy Detection: Checks for mentions of key rotation in documentation, detects automatic rotation claims, identifies indicators of rotation frequency, verifies the presence of a documented rotation policy, and flags any missing rotation policy.
- Hardcoded Key Detection: Scans JavaScript code for embedded keys, searches HTML/CSS for API keys, tests source code for credentials, checks for attempts to obfuscate keys, and flags exposed cryptographic material.
- Key Generation Analysis: Verifies mentions of secure key generation methods, detects usage of CSPRNGs, identifies indicators of entropy sources, verifies the use of key derivation functions, and flags weak or predictable key generation practices.
- Key Storage Security: Checks for encrypted storage of keys, detects integration with key vault services, tests for environment variable usage, verifies secrets management practices, and flags any plaintext key storage.
- Key Lifecycle Management: Verifies mentions of key expiration policies, detects versioning mentions in documentation, tests archival procedures, confirms claims about key destruction, and identifies missing lifecycle controls.
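As an added example, not the scanner's own code, the Python block below shows how hardcoded-key detection over client-side source can work: a format rule for a known key syntax, a generic credential-assignment rule judged by the Shannon entropy of the literal so that placeholders are not reported as secrets, and a rule that decodes base64 literals passed to atob() to catch one common obfuscation. The sample JavaScript, the rule set and the 3.5-bit entropy threshold are constructed for this illustration; the AWS key is the documented example value, not a real credential.

```python
import base64
import math
import re

# Constructed front-end JavaScript used as scanner input. None of these values
# are real credentials: the AWS key is the documented example value and the
# others are made up for this demonstration.
EMBEDDED_SECRET = "Q7mZ9xK2pL4vT8nR1wB6yH3cJ5fD0gS"
SAMPLE_JS = f'''
const config = {{ region: "us-east-1" }};
const AWS_KEY = "AKIAIOSFODNN7EXAMPLE";
var apiKey = "sk_live_Q7mZ9xK2pL4vT8nR1wB6yH3c";
const secret = "REPLACE_ME_REPLACE_ME";
const token = atob("{base64.b64encode(EMBEDDED_SECRET.encode()).decode()}");
'''

# (name, pattern, is_format_rule). A format rule describes a known key syntax and
# is reported regardless of entropy; the other rules capture a literal whose
# entropy decides whether it looks like key material or a placeholder.
RULES = [
    ("AWS access key ID", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), True),
    ("Credential assigned to a literal",
     re.compile(r"""(?i)\b(api[_-]?key|secret[_-]?key|secret|access[_-]?token|token|password)\b"""
                r"""\s*[:=]\s*["']([^"']{16,})["']"""),
     False),
    ("Base64 literal decoded with atob()",
     re.compile(r"""atob\(\s*["']([A-Za-z0-9+/=]{16,})["']\s*\)"""),
     False),
]


def shannon_entropy(text):
    """Bits of entropy per character, estimated from character frequencies."""
    if not text:
        return 0.0
    length = len(text)
    counts = {ch: text.count(ch) for ch in set(text)}
    return -sum((n / length) * math.log2(n / length) for n in counts.values())


def scan_for_hardcoded_keys(source, entropy_threshold=3.5):
    """Return one finding per rule match, with a confidence derived from the
    rule type and the entropy of the captured (or decoded) value."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for name, pattern, is_format_rule in RULES:
            for match in pattern.finditer(line):
                value = match.group(match.lastindex) if match.lastindex else match.group(0)
                decoded = None
                if name.startswith("Base64"):
                    try:
                        decoded = base64.b64decode(value, validate=True).decode("utf-8", "replace")
                    except ValueError:
                        continue  # not valid base64, so not an obfuscated literal
                judged = decoded if decoded is not None else value
                entropy = shannon_entropy(judged)
                confidence = "high" if is_format_rule or entropy >= entropy_threshold else "low"
                findings.append({"line": lineno, "rule": name, "value": value,
                                 "decoded": decoded, "entropy": round(entropy, 2),
                                 "confidence": confidence})
    return findings


if __name__ == "__main__":
    for finding in scan_for_hardcoded_keys(SAMPLE_JS):
        print(f"line {finding['line']}: {finding['rule']} "
              f"(entropy {finding['entropy']}, confidence {finding['confidence']})")
```

The low-confidence finding for the REPLACE_ME placeholder is kept rather than dropped so a reviewer can still see that a credential-shaped assignment exists; only the confidence changes. Any real scanner would add more format rules and tune the threshold per encoding (hex literals have a lower ceiling than base64).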
Inputs Required:
- domain (string): Fully qualified domain name (e.g., ekkatha.com)
Business Impact: Poor key management undermines all cryptography, leading to trivial decryption with hardcoded keys, long-term compromise through lack of rotation, weak generation producing predictable keys, exposure of key material due to insecure storage, and orphaned keys without proper lifecycle management. These issues can result in significant security risks including unauthorized access, data leakage, and cryptographic failures.
Risk Levels:
- Critical: Hardcoded keys enable trivial decryption, missing key rotation allows long-term compromise, weak key generation produces predictable keys, insecure storage exposes key material, no key lifecycle leads to orphaned keys.
- High: Exposure of cryptographic material through hardcoding or other means can lead to unauthorized access and data leakage.
- Medium: Weak or predictable key generation methods can be exploited by attackers, potentially compromising the security of encrypted data.
- Low: Insecure storage practices might not directly impact security but are indicative of poor software development habits that could extend to other areas.
- Info: Informational findings relate to potential improvements in documentation and code quality rather than immediate security risks.
Example Findings:
- A website contains hardcoded API keys which can be easily accessed by anyone with the right tools, posing a risk of unauthorized access to sensitive information.
- The application claims to use automatic key rotation but lacks any evidence or documentation supporting this claim in the code or comments.
Cryptographic Hardware Security
Purpose: The Cryptographic Hardware Security Scanner evaluates cryptographic hardware implementations by detecting various indicators of HSM usage, TPM references, and secure key storage mechanisms. It aims to identify risks associated with weak cryptographic hardware that could compromise key material or cryptographic operations.
What It Detects:
- HSM Detection: Checks for mentions of popular HSM vendors (Thales, nCipher, AWS CloudHSM) and tests for indicators of hardware security modules.
- TPM/Secure Enclave Analysis: Identifies references to TPM and other secure enclave technologies such as Intel SGX, AMD SEV, and ARM TrustZone.
- Key Storage Security: Tests for integration with key vault services (Azure Key Vault, AWS KMS) and evaluates the security of storing cryptographic keys.
- Hardware RNG Validation: Verifies the use of hardware Random Number Generators (RNGs) and checks compliance with FIPS 140-2 standards.
- Cryptographic Acceleration: Detects AES-NI usage, tests for hardware crypto acceleration, and assesses GPU crypto offload capabilities.
Inputs Required:
- domain (string): Fully qualified domain name (e.g., ekkatha.com)
Business Impact: Weak cryptographic hardware can lead to significant security risks, including unauthorized access to key material, potential theft of sensitive data, and compromised encryption operations. This directly impacts the integrity and confidentiality of digital assets and systems.
Risk Levels:
- Critical: The scanner identifies missing or poorly implemented HSMs, TPMs, or secure enclaves that could lead to direct key extraction attacks or other severe security breaches.
- High: The presence of software-only crypto solutions without hardware support exposes the system to memory dump vulnerabilities and enables simpler attacks on cryptographic keys.
- Medium: Lack of hardware RNG can undermine the strength of encryption, making data more vulnerable to brute force or statistical attacks.
- Low: Performance optimizations relying solely on GPU crypto offload may not be sufficient for high-security applications if they compromise the integrity of cryptographic operations.
- Info: Informational findings include mentions of generic hardware features without specific security implications.
Example Findings:
- The system under test does not mention any HSM vendors, indicating a potential lack of hardware support for cryptographic operations.
- References to an outdated or unsupported TPM version suggest inadequate protection against boot-time tampering.
Protocol Security Analysis
Purpose: The Protocol Security Analysis Scanner evaluates cryptographic protocol security by testing TLS/SSL configuration, checking protocol version support, validating cipher suite selection, analyzing perfect forward secrecy implementation, and identifying protocol weaknesses that could enable downgrade attacks, man-in-the-middle attacks, or traffic decryption.
What It Detects:
- TLS Version Support: The scanner tests minimum TLS versions (1.2, 1.3), checks for deprecated protocols (SSL 3.0, TLS 1.0/1.1), verifies protocol version enforcement, detects downgrade attack protection, and flags insecure protocol support.
- Cipher Suite Analysis: It tests supported cipher suites, checks for weak ciphers (RC4, DES, 3DES), verifies strong cipher preference (AES-GCM, ChaCha20), detects NULL/EXPORT ciphers, and flags cipher suite order.
- Perfect Forward Secrecy: The scanner checks for ECDHE support, detects DHE cipher suites, verifies ephemeral key exchange, tests for static RSA rejection, and flags missing PFS.
- Certificate Configuration: It tests certificate chain completeness, checks certificate validity, verifies signature algorithm (SHA-256+), detects weak signatures (SHA-1, MD5), and flags certificate issues.
- Protocol Features: The scanner checks for HSTS support, tests session resumption security, verifies OCSP stapling, detects protocol extensions, and flags missing security features.
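As an added example rather than the scanner's own implementation, the Python block below turns a protocol scan result into severity-rated findings covering the five areas above: deprecated protocol versions, weak cipher suites, forward secrecy (ephemeral key exchange), certificate signature algorithm and chain completeness, and the HSTS/OCSP stapling features. The scan result, the hostname example.test and the severity mapping are constructed for this illustration; the optional probe_tls_versions function uses the standard library ssl module against a live host and is not exercised offline.

```python
import socket
import ssl

# Constructed scan result for a hypothetical server (not a real host), standing
# in for what a live probe would collect. Suites are in server preference order.
SAMPLE_SCAN = {
    "domain": "example.test",
    "protocols": {"SSLv3": False, "TLSv1.0": True, "TLSv1.1": False,
                  "TLSv1.2": True, "TLSv1.3": False},
    "cipher_suites": [
        "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_RSA_WITH_RC4_128_SHA",
        "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    ],
    "certificate": {"signature_algorithm": "sha1WithRSAEncryption",
                    "chain_complete": True},
    "hsts": False,
    "ocsp_stapling": False,
}

DEPRECATED_PROTOCOLS = ("SSLv3", "TLSv1.0", "TLSv1.1")
WEAK_CIPHER_MARKERS = ("RC4", "DES", "NULL", "EXPORT", "MD5")  # "DES" also catches 3DES
STRONG_BULK_MARKERS = ("AES_128_GCM", "AES_256_GCM", "CHACHA20")
WEAK_SIGNATURES = ("sha1", "md5")
SEVERITY_ORDER = ("info", "low", "medium", "high", "critical")


def cipher_is_weak(suite):
    return any(marker in suite.upper() for marker in WEAK_CIPHER_MARKERS)


def cipher_has_pfs(suite):
    # Forward secrecy comes from ephemeral (EC)DH key exchange. TLS 1.3 suites
    # (TLS_AES_*, TLS_CHACHA20_*) do not name the exchange but are always ephemeral.
    upper = suite.upper()
    return "ECDHE" in upper or "_DHE_" in upper or upper.startswith(("TLS_AES_", "TLS_CHACHA20_"))


def cipher_is_modern(suite):
    # What a server should prefer first: forward secrecy plus an AEAD bulk cipher.
    return cipher_has_pfs(suite) and any(m in suite.upper() for m in STRONG_BULK_MARKERS)


def analyze_tls(scan):
    """Turn a scan result into a list of (severity, message) findings."""
    findings = []
    for proto, enabled in scan["protocols"].items():
        if enabled and proto in DEPRECATED_PROTOCOLS:
            findings.append(("critical", f"deprecated protocol {proto} is enabled"))
    if not scan["protocols"].get("TLSv1.3"):
        findings.append(("info", "TLS 1.3 is not offered"))
    suites = scan["cipher_suites"]
    for suite in suites:
        if cipher_is_weak(suite):
            findings.append(("critical", f"weak cipher suite offered: {suite}"))
    if not any(cipher_has_pfs(s) for s in suites):
        findings.append(("critical", "no cipher suite provides forward secrecy"))
    else:
        static = [s for s in suites if not cipher_has_pfs(s)]
        if static:
            findings.append(("high", f"{len(static)} static key exchange suite(s) still offered: "
                                     + ", ".join(static)))
    if suites and not cipher_is_modern(suites[0]):
        findings.append(("medium", f"server prefers {suites[0]} over an ECDHE AEAD suite"))
    signature = scan["certificate"]["signature_algorithm"].lower()
    if any(weak in signature for weak in WEAK_SIGNATURES):
        findings.append(("high", f"certificate signed with weak algorithm {signature}"))
    if not scan["certificate"]["chain_complete"]:
        findings.append(("high", "certificate chain is incomplete"))
    if not scan["hsts"]:
        findings.append(("low", "HSTS header not set"))
    if not scan["ocsp_stapling"]:
        findings.append(("low", "OCSP stapling not enabled"))
    return findings


def highest_severity(findings):
    return max((sev for sev, _ in findings), key=SEVERITY_ORDER.index, default="info")


def probe_tls_versions(domain, port=443, timeout=5.0):
    """Live network probe (not run offline): attempt a handshake with each TLS
    version pinned as both minimum and maximum, recording the negotiated cipher
    or None when the handshake fails. A failure can also mean the local OpenSSL
    build refuses the old version, so confirm negatives with a second tool."""
    versions = (("TLSv1.0", ssl.TLSVersion.TLSv1), ("TLSv1.1", ssl.TLSVersion.TLSv1_1),
                ("TLSv1.2", ssl.TLSVersion.TLSv1_2), ("TLSv1.3", ssl.TLSVersion.TLSv1_3))
    results = {}
    for label, version in versions:
        ctx = ssl.create_default_context()
        ctx.minimum_version = version
        ctx.maximum_version = version
        try:
            with socket.create_connection((domain, port), timeout=timeout) as sock:
                with ctx.wrap_socket(sock, server_hostname=domain) as tls:
                    results[label] = tls.cipher()[0]
        except OSError:  # ssl.SSLError is a subclass of OSError
            results[label] = None
    return results


if __name__ == "__main__":
    for severity, message in analyze_tls(SAMPLE_SCAN):
        print(f"[{severity.upper():8}] {message}")
```

On the constructed scan this reports three critical findings (TLS 1.0 enabled, RC4 and 3DES offered), a high finding for the three static-RSA suites that remain alongside the single ECDHE suite, a medium finding because the server's first preference is a non-PFS CBC suite, and a high finding for the SHA-1 certificate signature.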
Inputs Required:
- domain (string): Fully qualified domain name (e.g., ekkatha.com)
Business Impact: Protocol vulnerabilities compromise encrypted communications, potentially leading to data leakage or unauthorized access. This can significantly impact the confidentiality, integrity, and availability of sensitive information exchanged over networks.
Risk Levels:
- Critical: Vulnerabilities in TLS 1.0/1.1 that are susceptible to BEAST/POODLE attacks, weak cipher suites allowing decryption, missing perfect forward secrecy (PFS), and protocol downgrade attacks pose a critical risk as they can lead to man-in-the-middle attacks and traffic decryption.
- High: Inadequate support for modern TLS versions (TLS 1.2, TLS 1.3) or use of deprecated protocols (SSL 3.0) can expose systems to high risks if not mitigated.
- Medium: Use of weak cipher suites and lack of PFS can lead to medium risk vulnerabilities that may be exploited with sufficient resources but are less severe than critical issues.
- Low: Informational findings such as the use of HSTS, OCSP stapling, or secure session resumption generally indicate low risk unless they are part of a larger protocol configuration that could be improved for enhanced security.
- Info: Findings related to certificate validity and strong signature algorithms fall under the informational category unless they contribute to significant vulnerabilities in the cryptographic security posture.
Example Findings:
- The scanner identifies an unsupported TLS version, which may allow attackers to exploit weaker encryption methods.
- A system uses weak cipher suites like RC4 or DES, making it easier for malicious users to decrypt traffic.
- There is no support for perfect forward secrecy (PFS), allowing past sessions to be decrypted retroactively.
- The certificate used has a weak signature algorithm, such as SHA-1, which is vulnerable to attacks.
Cryptographic Implementation Review
Purpose: The Cryptographic Implementation Review Scanner is designed to assess the quality of cryptographic implementations by detecting custom crypto code, testing for known vulnerabilities in algorithms and library versions, checking for deprecated algorithms, validating cipher mode usage, and identifying potential weaknesses that could compromise encryption security.
What It Detects:
- Deprecated Algorithm Detection: Checks for MD5, SHA1, DES/3DES, and RC4 usages to identify systems using vulnerable or outdated cryptographic methods.
- Weak Cipher Mode Detection: Evaluates the use of ECB mode and other insecure cipher modes that can lead to predictable patterns in encrypted data.
- Library Version Analysis: Analyzes mentions of crypto libraries (e.g., OpenSSL, BouncyCastle, Cryptography) to ensure they are up-to-date and not vulnerable.
- Custom Crypto Detection: Identifies any proprietary or non-standard cryptographic implementations that might introduce security risks.
- Key Length Validation: Verifies the strength of encryption keys used, particularly for RSA and AES algorithms, ensuring minimum recommended lengths are met.
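As an added example, not code from the scanner described here, the block below shows the check that underlies weak cipher mode detection: counting repeated blocks in ciphertext, which a mode with a fresh IV and chaining (or a counter) never produces but ECB does whenever plaintext blocks repeat. To show the mechanism without a third-party cipher library, it uses a keyed-hash stand-in for the block function (an assumption for illustration: it is not invertible and is not an encryption scheme) in an ECB-style and a CBC-style arrangement, then runs the detector over each output. The key, IV and record are constructed values.

```python
import hashlib
from collections import Counter

BLOCK = 16  # AES block size in bytes


def duplicate_block_ratio(ciphertext, block_size=BLOCK):
    """Fraction of whole blocks that repeat an earlier block. Identical
    ciphertext blocks are the classic signature of ECB on structured data."""
    usable = len(ciphertext) - len(ciphertext) % block_size
    blocks = [ciphertext[i:i + block_size] for i in range(0, usable, block_size)]
    if not blocks:
        return 0.0
    repeats = sum(count - 1 for count in Counter(blocks).values())
    return repeats / len(blocks)


def looks_like_ecb(ciphertext, block_size=BLOCK):
    return duplicate_block_ratio(ciphertext, block_size) > 0.0


def _block_prf(key, block):
    # Stand-in block function: a keyed hash truncated to one block. It is NOT a
    # cipher (not invertible); it only reproduces the property that matters here,
    # namely that equal inputs under the same key give equal outputs.
    return hashlib.sha256(key + block).digest()[:BLOCK]


def _pad(data):
    # PKCS#7 padding so the input is a whole number of blocks
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def ecb_like(key, plaintext):
    """ECB arrangement: every block is processed independently."""
    data = _pad(plaintext)
    return b"".join(_block_prf(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))


def cbc_like(key, iv, plaintext):
    """CBC arrangement: each block is XORed with the previous output (the IV for
    the first block) before processing, so repeated plaintext blocks diverge."""
    data = _pad(plaintext)
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(data[i:i + BLOCK], prev))
        prev = _block_prf(key, mixed)
        out.append(prev)
    return b"".join(out)


# Constructed example: a record with heavy repetition, the kind of input on
# which ECB leaks structure. Each field below is exactly one 16-byte block.
SAMPLE_KEY = b"\x01" * 16
SAMPLE_IV = b"\x02" * 16
SAMPLE_RECORD = b"status=ACTIVE;;;" * 8 + b"balance=0000;;;;" * 4


if __name__ == "__main__":
    for label, ct in (("ECB-style", ecb_like(SAMPLE_KEY, SAMPLE_RECORD)),
                      ("CBC-style", cbc_like(SAMPLE_KEY, SAMPLE_IV, SAMPLE_RECORD))):
        print(f"{label}: duplicate block ratio {duplicate_block_ratio(ct):.2f}, "
              f"flagged={looks_like_ecb(ct)}")
```

The record is 12 data blocks plus one padding block; under the ECB arrangement the eight identical status blocks and four identical balance blocks collapse to two distinct outputs, giving 10 repeats out of 13 blocks, while the chained arrangement yields no repeats. The same detector can be pointed at captured ciphertext of any block size to triage a suspected ECB deployment.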
Inputs Required:
- domain (string): A fully qualified domain name (e.g., ekkatha.com) that needs to be scanned for cryptographic vulnerabilities.
Business Impact: Poor cryptographic implementation can lead to significant security breaches, as it may expose systems to attacks such as collision attacks against MD5 and SHA1, padding oracle attacks against weak encryption schemes, and exploitation of outdated library versions. Detecting and remediating these issues is crucial for maintaining the integrity and confidentiality of sensitive information processed by the affected applications.
Risk Levels:
- Critical: Systems using deprecated algorithms (e.g., MD5, SHA1), insecure cipher modes (e.g., ECB), or weak key sizes are considered critical risks as they directly enable known cryptographic attacks.
- High: Outdated library versions and mentions of custom or proprietary encryption methods pose high risk due to potential vulnerabilities in these implementations.
- Medium: Weak cipher modes and suboptimal key lengths can lead to reduced security, although the risk might not be as immediate as with critical issues.
- Low: Informational findings may include references to modern cryptographic practices that are correctly implemented but could still benefit from updates or standardization.
- Info: These are generally for confirming compliance with recommended standards and do not necessarily indicate vulnerabilities unless they pertain directly to deprecated algorithms, weak cipher modes, or key lengths.
Example Findings:
- A system uses MD5 for hashing user passwords, which is highly insecure due to its vulnerability to collision attacks.
- The application employs ECB mode in encryption, exposing sensitive data patterns that could be exploited by an attacker.
Random Number Generation Security
Purpose: The Random Number Generation Security Scanner evaluates the security of random number generation by detecting mentions of RNG implementation, testing for weak randomness indicators, checking for predictable seed usage, validating entropy sources, and identifying RNG weaknesses that could enable prediction attacks, weak key generation, or cryptographic failures.
What It Detects:
- RNG Implementation Detection: Evaluates the use of CSPRNG (crypto.randomBytes) and detects Math.random(), /dev/urandom references, and SecureRandom mentions.
- Entropy Source Analysis: Checks for hardware RNG usage, entropy pool references, seed source indicators, and verifies randomness quality claims.
- Crypto Library RNG Usage: Verifies the use of crypto.getRandomValues, OpenSSL RAND_bytes, and platform CSPRNG usage.
- Predictable Pattern Detection: Identifies timestamp-based seeds, sequential number generation, static seed usage, and nonce uniqueness.
- IV/Nonce Generation: Assesses random IV generation, detects nonce reuse risks, checks unique identifier generation for session tokens, and verifies their randomness.
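An added Python example, not the scanner's own implementation, for two of the checks above: tokens drawn from a seeded non-cryptographic PRNG are fully reproducible from the seed (the static seed and timestamp seed cases), whereas tokens from the platform CSPRNG are not, and a nonce audit over a log of (key id, nonce) pairs flags a nonce reused under the same key while ignoring the same nonce under a different key. The log entries and key ids are constructed for this illustration.

```python
import random
import secrets
from collections import defaultdict


def tokens_from_seeded_prng(seed, count=5, nbytes=16):
    """Tokens from a non-cryptographic PRNG with a fixed seed. The whole
    sequence is determined by the seed, so every run (and anyone who knows or
    can guess the seed, e.g. a timestamp) gets exactly the same tokens."""
    rng = random.Random(seed)
    return [rng.getrandbits(nbytes * 8).to_bytes(nbytes, "big").hex() for _ in range(count)]


def tokens_from_csprng(count=5, nbytes=16):
    """Tokens from the platform CSPRNG (os.urandom under the hood)."""
    return [secrets.token_hex(nbytes) for _ in range(count)]


def all_distinct(values):
    return len(set(values)) == len(values)


def find_nonce_reuse(events):
    """events: sequence of (key_id, nonce_hex) for AEAD encrypt operations.
    Returns {(key_id, nonce): [event indices]} for every nonce used more than
    once under the same key. The same nonce under different keys is not reuse."""
    seen = defaultdict(list)
    for index, (key_id, nonce) in enumerate(events):
        seen[(key_id, nonce)].append(index)
    return {pair: indices for pair, indices in seen.items() if len(indices) > 1}


# Constructed sample of an encryption audit log: (key id, 96-bit GCM nonce as hex).
SAMPLE_NONCE_LOG = [
    ("key-01", "3f2a9c1d8b7e6f5a4c3d2e1f"),
    ("key-01", "a1b2c3d4e5f60718293a4b5c"),
    ("key-02", "3f2a9c1d8b7e6f5a4c3d2e1f"),  # same nonce, different key: acceptable
    ("key-01", "3f2a9c1d8b7e6f5a4c3d2e1f"),  # reused under key-01: finding
]


if __name__ == "__main__":
    print("seeded run 1:", tokens_from_seeded_prng(1234)[:2])
    print("seeded run 2:", tokens_from_seeded_prng(1234)[:2])
    print("csprng run:  ", tokens_from_csprng()[:2])
    for (key_id, nonce), indices in find_nonce_reuse(SAMPLE_NONCE_LOG).items():
        print(f"nonce {nonce} reused under {key_id} at events {indices}")
```

The reproducibility check is the runtime counterpart of the static "static seed" and "timestamp-based seed" indicators: if two runs of a token generator with the same seed agree, the generator is unsuitable for session tokens, keys or nonces regardless of how random its output looks. The nonce audit keys on (key id, nonce) because AEAD modes such as GCM lose confidentiality and integrity guarantees only when a nonce repeats under one key.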
Inputs Required:
- domain (string): Fully qualified domain name (e.g., ekkatha.com)
Business Impact: Weak random number generation undermines all cryptography by enabling key prediction, producing weak keys, creating reproducible randomness, and potentially leading to cryptographic failures. This can significantly compromise the security of systems that rely on cryptography for authentication, encryption, and other critical functions.
Risk Levels:
- Critical: Conditions where predictable RNG enables key prediction or leads to weak keys due to insufficient entropy.
- High: Poor seeding creates reproducible randomness, making it unsuitable for cryptographic applications.
- Medium: Weak IV/nonce generation can lead to attacks on session tokens and other security mechanisms.
- Low: Non-crypto RNG usage might not impact high-security applications but is still recommended to be replaced with a stronger source of entropy.
- Info: Informational findings indicate the presence of Math.random() or similar weak random number generators, which are generally unsuitable for cryptographic purposes.
Example Findings:
- A system uses Math.random() for generating cryptographic keys, which is known to be insecure due to its predictable output.
- An application relies on a static seed value that can be easily predicted, leading to the same sequence of random numbers each time the software runs.