Security Primitives and Cryptography Issues
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to hardware implementations of cryptographic protocols and other hardware-security primitives such as physical unclonable functions (PUFs) and random number generators (RNGs).
Weaknesses
Performing cryptographic operations without ensuring that the supporting inputs are ready to supply valid data may compromise the cryptographic result.
A hardware device, or the firmware running on it, is missing or has incorrect protection features to maintain goals of security primiti...
The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security...
To fulfill the need for a cryptographic primitive, the product implements a cryptographic algorithm using a non-standard, unproven, or disallowed/non-compliant cryptog...
The device uses an algorithm that is predictable and generates a pseudo-random number.
Concepts
This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectiv...
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.