Adds to OWASP/mastg#2588 [MASWE-0024] Weak Message Authentication Codes (MAC) #3
base: main
| - **Loss of Integrity and authenticity**: Improper use of MAC may result in replay attacks or, in worse case, broken authentication that could compromise the integrity of a system. | ||
| - **Loss of Confidentiality**: Using MAC for other purposes than authentication may lead to a complete loss of confidentiality. |
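Review bot: The **Loss of Confidentiality** bullet does not name the misuse it has in mind. A MAC provides no confidentiality on its own, so "Using MAC for other purposes than authentication" leaves the reader guessing how confidentiality gets lost; state the concrete case (for example the MAC application order with CBC mode that the overview is said to cover) or drop the bullet. In the bullet above it, "in worse case" should read "in the worst case", and the capitalisation of "Integrity and authenticity" is inconsistent.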
MACs aim for data authenticity while HMAC for integrity and authenticity.
As a basis I think we should focus on giving a clear separation and understanding of those 2 to the reader.
Sure
Divided it in three.
|
|
||
| Improper use of a MAC by e.g., generating a MAC over a message without the timestamp can make the application susceptible for replay attacks. | ||
|
|
||
| Another common issue is using an HMAC with any type of general based hashing algorithm like MD5, SHA-1, SHA-2 or even SHA-3 on low-entropy input like user supplied passwords and pins. HMAC aren't designed for low-entropy inputs or low-entropy keys. Doing so will result in producing "weak" message digests that easily can be exploited. |
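Review bot: The HMAC paragraph treats "low-entropy inputs" and "low-entropy keys" as one problem and calls the result "weak" message digests, which blurs where the weakness sits. An HMAC output is a tag, and the risk with a key taken from a password or PIN is that the key can be guessed offline from a single message and tag pair whichever hash is used, so listing MD5, SHA-1, SHA-2 and SHA-3 together distracts from that point. Suggest separating the two cases, saying "tag" rather than "digest", and pointing to a password-based key derivation function for the password and PIN case. In the replay sentence above it, "susceptible for" should be "susceptible to", and a timestamp in the MAC input only helps if the verifier also rejects stale or repeated values.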
maybe instead of repeating insecure hashes we could point to the hash-related weakness you have written
It's kind of interrelated and I am not really emphasizing the weakness in the underlying algorithm here. I am trying to point to the issue with using low-entropy inputs.
|
|
||
| Another common issue is using an HMAC with any type of general based hashing algorithm like MD5, SHA-1, SHA-2 or even SHA-3 on low-entropy input like user supplied passwords and pins. HMAC aren't designed for low-entropy inputs or low-entropy keys. Doing so will result in producing "weak" message digests that easily can be exploited. | ||
|
|
||
| A deprecated HMAC implementation may contain bugs that could compromise the authenticity of the data. |
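Review bot: "A deprecated HMAC implementation" does not say what is deprecated: the library or API that provides HMAC, or the hash function underneath it. The paragraph before it already lists MD5 and SHA-1, so the reader cannot tell whether this is a separate issue. Name the kind of implementation meant and the property that fails instead of "may contain bugs".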
that's an impact. Also "contain bugs" is a tad too generic
Sure, but isn't this the overview?
Changed this section. New read-through necessary.
| - **Loss of Integrity and authenticity**: Improper use of MAC may result in replay attacks or, in worse case, broken authentication that could compromise the integrity of a system. | ||
| - **Loss of Confidentiality**: Using MAC for other purposes than authentication may lead to a complete loss of confidentiality. | ||
|
|
||
| ## Modes of Introduction |
let's also structure this section into MAC and HMAC and their respective "issues".
Also the draft section in the header has more inspiration, like insecure hash function for HMAC (we can link to related WE)
I've added all the cases mentioned in the header now.
Clarified the overview and impact of improper MAC usage, emphasizing the risks of MAC forgeries and the need for proper sequence numbers or timestamps. Updated details on the consequences of using HMAC with low-entropy inputs and the importance of avoiding deprecated implementations.
Updated the overview and mitigations sections to clarify issues with MAC usage, including nonce and timestamp importance, and deprecated HMAC implementations. Removed redundant information and improved clarity.
Pull Request Overview
This PR adds comprehensive documentation content for MASWE-0024 (Weak Message Authentication Codes) as part of the OWASP MASTG project. The addition transforms the weakness entry from a placeholder into a complete documentation page.
Key Changes:
- Added detailed Overview section explaining common MAC implementation weaknesses including improper nonce/timestamp usage, incorrect MAC application order with CBC mode, and issues with deprecated algorithms
- Added Impact section describing consequences including loss of authenticity, integrity, and confidentiality
- Added Modes of Introduction and Mitigations sections providing practical guidance for developers
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This PR is related to OWASP/mastg#2588 but does not close it.
Description
See issue for details.
[x] I have read the contributing guidelines.
Guidelines for Pull Requests (you can delete this section after reading):