The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
View on MITRENo mitigation information available for this CWE.
No detection method information available for this CWE.
The example code is taken from the HMAC engine inside the buggy OpenPiton SoC of HACK@DAC'21 [REF-1358]. HAMC is a message authentication code (MAC) that uses both a hash and a secret crypto key. The HMAC engine in HACK@DAC SoC uses the SHA-256 module for the calculation of the HMAC for 512 bits messages.
However, this HMAC engine cannot handle messages that are longer than 512 bits. Moreover, a complete HMAC will contain an iterate hash function that breaks up a message into blocks of a fixed size and iterates over them with a compression function (e.g., SHA-256). Therefore, the implementation of the HMAC in OpenPiton SoC is incomplete. Such HMAC engines will not be used in real-world applications as the messages will usually be longer than 512 bits. For instance, OpenTitan offers a comprehensive HMAC implementation that utilizes a FIFO for temporarily storing the truncated message, as detailed in [REF-1359].
Missing challenge-response step allows authentication bypass using public key.
View DetailsNo relationship information available for this CWE.
CWE-325: Missing Cryptographic Step is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
If exploited, CWE-325 (Missing Cryptographic Step) it can compromise Access Control, Confidentiality, Integrity, Accountability and Non-Repudiation, leading to outcomes such as Bypass Protection Mechanism, Read Application Data, Modify Application Data and Hide Activities.
CWE-325 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
MITRE documents real CVEs mapped to CWE-325, including CVE-2001-1585. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.
A CWE (Common Weakness Enumeration) like CWE-325 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.