M10: Insufficient Cryptography

Insufficient cryptography covers weak algorithms, poor key lifecycle management, and incorrect integration of cryptographic primitives. When encryption is misapplied, attackers can decrypt sensitive data, forge tokens, or tamper with transactions. Mobile applications frequently combine platform APIs, custom crypto wrappers, and third-party SDKs, increasing the risk of mistakes.

Typical Weakness Patterns

  • Using deprecated algorithms (MD5, SHA1, DES, RC4) for hashing, encryption, or message authentication.
  • Implementing bespoke cryptography instead of trusted primitives and libraries.
  • Storing encryption keys or certificates insecurely on the device or in backend configuration repositories.
  • Neglecting to verify cryptographic signatures on downloaded content, updates, or inter-service messages.

Detection Cues

  • Static analysis to identify weak algorithms, insecure modes of operation (ECB), or constants that resemble encryption keys.
  • Reviewing code paths for proper error handling, IV/nonce usage, and key rotation logic.
  • Penetration testing that attempts to decrypt captured data, manipulate signed payloads, or execute downgrade attacks against backend services.
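The ECB cue and the nonce-handling cue above can both be made concrete with a small Go program. The following is an added example, not code from the OWASP page or from any mobile SDK: it encrypts a constructed record with AES in ECB mode to show the repeated-block leak a reviewer looks for, then encrypts the same record with AES-GCM using a fresh random nonce and shows that tampering with the ciphertext, or changing the associated data, is detected. The key material and the record contents are constructed for the demonstration; a real app would take the key from the platform keystore rather than deriving it from a string.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Constructed 256-bit key for this demonstration only. A production app
// would obtain the key from the platform keystore, never embed or derive it
// from a literal like this.
var demoKey = sha256.Sum256([]byte("demo-key-material-not-for-production"))

// encryptECB is the WEAK pattern (AES in ECB mode, block by block). It is
// included only so the leak can be observed; do not use it.
func encryptECB(key, plaintext []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	if len(plaintext)%aes.BlockSize != 0 {
		panic("ECB demo expects block-aligned input")
	}
	out := make([]byte, len(plaintext))
	for i := 0; i < len(plaintext); i += aes.BlockSize {
		block.Encrypt(out[i:i+aes.BlockSize], plaintext[i:i+aes.BlockSize])
	}
	return out
}

// hasRepeatedBlocks is the review cue: identical 16-byte ciphertext blocks
// betray ECB (or a reused IV/nonce), because equal plaintext blocks map to
// equal ciphertext blocks when there is no diffusion across blocks.
func hasRepeatedBlocks(ct []byte) bool {
	seen := make(map[[aes.BlockSize]byte]bool)
	for i := 0; i+aes.BlockSize <= len(ct); i += aes.BlockSize {
		var b [aes.BlockSize]byte
		copy(b[:], ct[i:i+aes.BlockSize])
		if seen[b] {
			return true
		}
		seen[b] = true
	}
	return false
}

// encryptGCM is the recommended pattern: AES-GCM with a fresh random 96-bit
// nonce per message. The nonce is prepended so the receiver can use it.
func encryptGCM(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, aad), nil
}

// decryptGCM splits off the nonce and opens the message. Any change to the
// nonce, ciphertext, tag or associated data makes Open return an error.
func decryptGCM(key, msg, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(msg) < aead.NonceSize() {
		return nil, fmt.Errorf("message too short")
	}
	nonce, ct := msg[:aead.NonceSize()], msg[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, aad)
}

func main() {
	// Constructed fixed-format record in which the same field value repeats.
	plaintext := bytes.Repeat([]byte("ACCOUNT-BALANCE!"), 3) // 48 bytes, 3 equal blocks
	aad := []byte("v1")                                      // constructed version tag

	ecb := encryptECB(demoKey[:], plaintext)
	fmt.Println("ECB repeats blocks:", hasRepeatedBlocks(ecb))

	gcm, _ := encryptGCM(demoKey[:], plaintext, aad)
	fmt.Println("GCM repeats blocks:", hasRepeatedBlocks(gcm[12:]))

	tampered := append([]byte{}, gcm...)
	tampered[len(tampered)-1] ^= 0x01 // flip one bit of the tag
	_, err := decryptGCM(demoKey[:], tampered, aad)
	fmt.Println("GCM tamper detected:", err != nil)
}
```

Running it prints that the ECB output repeats blocks while the GCM output does not, and that the bit flip is rejected. The same `hasRepeatedBlocks` check is a useful quick test against captured ciphertexts during a review: repeated blocks in what should be an AEAD output point to either ECB or a nonce that is being reused.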

Mitigation

  • Adopt modern, battle-tested algorithms (AES-GCM, ChaCha20-Poly1305, SHA-256+, EdDSA/ECDSA) via well-maintained libraries.
  • Manage keys using hardware security modules, platform keystores, or cloud KMS solutions, and enforce rotation and revocation policies.
  • Implement cryptographic agility—versioned payloads, mutual negotiation, and the ability to retire algorithms without breaking clients.
  • Validate signatures and integrity checks for all downloaded assets, configuration files, and inter-service communications.
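The last two mitigations, a versioned payload that can retire an algorithm and mandatory signature validation on downloaded assets, fit together in one verifier. The Go program below is an added example, not code from the OWASP page or from any real update framework: it defines a hypothetical envelope format (a version byte, an algorithm-id byte, an Ed25519 signature, then the asset), includes the version and algorithm bytes in the signed data so they cannot be swapped after signing, and looks trusted public keys up by algorithm id so that a new algorithm can be added and an old one retired without changing the envelope layout. The key pair, the algorithm ids and the sample configuration file are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Hypothetical envelope layout (constructed for this example):
//   byte 0      : format version
//   byte 1      : signature algorithm id
//   bytes 2..65 : Ed25519 signature (64 bytes)
//   bytes 66..  : the asset bytes that were signed
const (
	formatV1   = 1
	algEd25519 = 1 // hypothetical id for the current algorithm
	algRetired = 0 // hypothetical id of an algorithm that has been retired
	headerLen  = 2
)

var errUnsupported = errors.New("unsupported version or algorithm")
var errBadSig = errors.New("signature verification failed")

// signAsset builds the envelope. The header is part of the signed data, so
// a client cannot be made to verify under a different version or algorithm
// than the one the signer chose.
func signAsset(priv ed25519.PrivateKey, asset []byte) []byte {
	header := []byte{formatV1, algEd25519}
	signed := append(append([]byte{}, header...), asset...)
	sig := ed25519.Sign(priv, signed)
	out := append(append([]byte{}, header...), sig...)
	return append(out, asset...)
}

// verifyAsset rejects unknown versions, algorithms with no trusted key
// (retired ones included) and bad signatures, and only then releases the
// asset bytes to the caller.
func verifyAsset(trusted map[byte]ed25519.PublicKey, env []byte) ([]byte, error) {
	if len(env) < headerLen+ed25519.SignatureSize {
		return nil, errors.New("envelope too short")
	}
	version, alg := env[0], env[1]
	if version != formatV1 {
		return nil, errUnsupported
	}
	pub, ok := trusted[alg]
	if !ok {
		return nil, errUnsupported
	}
	sig := env[headerLen : headerLen+ed25519.SignatureSize]
	asset := env[headerLen+ed25519.SignatureSize:]
	signed := append(append([]byte{}, env[:headerLen]...), asset...)
	if !ed25519.Verify(pub, signed, sig) {
		return nil, errBadSig
	}
	return asset, nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Only the current algorithm has a trusted key; retiring an algorithm is
	// done by removing its entry from this map.
	trusted := map[byte]ed25519.PublicKey{algEd25519: pub}
	asset := []byte(`{"feature_flags":{"new_checkout":true}}`) // constructed config file

	env := signAsset(priv, asset)
	got, err := verifyAsset(trusted, env)
	fmt.Printf("valid envelope: %s err=%v\n", got, err)

	tampered := append([]byte{}, env...)
	tampered[len(tampered)-1] ^= 0x20 // change one bit of the config
	_, err = verifyAsset(trusted, tampered)
	fmt.Println("tampered envelope:", err)

	downgraded := append([]byte{}, env...)
	downgraded[1] = algRetired // envelope claims a retired algorithm
	_, err = verifyAsset(trusted, downgraded)
	fmt.Println("retired algorithm:", err)
}
```

The point of the design is that the trust decision is a lookup keyed on the algorithm id carried in the signed header: introducing a successor algorithm means adding a key under a new id, retiring one means deleting its entry, and neither requires clients to understand a new envelope format.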