CWE-760: CWE-760: Use of a One-Way Hash with a Predictable Salt

VariantStable

Description

View on MITRE
Back to CWE Lookup

Extended Description

Extended Description

Technical Details

Structure
Simple
Vulnerability Mapping
ALLOWED

Applicable To

Languages
Languages
Platforms
Languages

Frequently Asked Questions

What is CWE-760: CWE-760: Use of a One-Way Hash with a Predictable Salt?+

CWE-760: CWE-760: Use of a One-Way Hash with a Predictable Salt is a Common Weakness Enumeration (CWE) entry maintained by MITRE. Description Extended Description

What are the security consequences of CWE-760: Use of a One-Way Hash with a Predictable Salt?+

If exploited, CWE-760 (CWE-760: Use of a One-Way Hash with a Predictable Salt) it can compromise Bypass Protection Mechanism, leading to outcomes such as Scope: Access Control.

How do you prevent or mitigate CWE-760: Use of a One-Way Hash with a Predictable Salt?+

Recommended mitigations for CWE-760 include: Use an adaptive hash function that can be configured to change the amount of computational effort needed to compute the hash, such as the number of iterations ("stretching") or the amount of memory required. Some hash functions perform salting automatically. These functions can significantly increase the overhead for a brute force attack compared to intentionally-fast functions such as MD5. For example, rainbow table attacks can become infeasible due to the high computing overhead. Finally, since computing power gets faster and cheaper over time, the technique can be reconfigured to increase the workload without forcing an entire replacement of the algorithm in use. Some hash functions that have one or more of these desired properties include bcrypt [ REF-291 ], scrypt [ REF-292 ], and PBKDF2 [ REF-293 ]. While there is active debate about which of these is the most effective, they are all stronger than using salts with hash functions with very little computing overhead. Note that using these functions can have an impact on performance, so they require special consideration to avoid denial-of-service attacks. However, their configurability provides finer control over how much CPU and memory is used, so it could be adjusted to suit the environment's needs. Effectiveness: High If a technique that requires extra computational effort can not be implemented, then for each password that is processed, generate a new random salt using a strong random number generator with unpredictable seeds. Add the salt to the plaintext password before hashing it. When storing the hash, also store the salt. Do not use the same salt for every password. Effectiveness: Limited Note: Be aware that salts will not reduce the workload of a targeted attack against an individual hash (such as the password for a critical person), and in general they are less effective than other hashing techniques such as increasing the computation time or memory overhead. Without a built-in workload, modern attacks can compute large numbers of hashes, or even exhaust the entire space of all possible passwords, within a very short amount of time, using massively-parallel computing and GPU, ASIC, or FPGA hardware.

Which programming languages are affected by CWE-760: Use of a One-Way Hash with a Predictable Salt?+

CWE-760 commonly affects Languages. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-760 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More