A04:2025 - Cryptographic Failures: Protecting Your Data in Transit and at Rest

What Are Cryptographic Failures?

Cryptographic Failures occur when applications fail to properly protect sensitive data through encryption, both in transit and at rest. This vulnerability category, previously known as "Sensitive Data Exposure" in earlier OWASP Top 10 versions, has evolved to focus specifically on failures related to cryptography or the lack thereof.

The shift in terminology reflects a more precise understanding: the root cause isn't just that data is exposed, but that cryptographic controls are missing, misconfigured, or improperly implemented.

Why Cryptographic Failures Matter

In our increasingly digital world, applications handle vast amounts of sensitive information including personal identifiable information (PII), financial data, healthcare records, authentication credentials, and proprietary business data. When cryptographic protections fail, this data becomes vulnerable to interception, theft, and misuse.

The consequences of cryptographic failures can be severe:

• Data breaches exposing millions of user records
• Financial losses from fraud and regulatory fines
• Reputational damage eroding customer trust
• Legal liability under regulations like GDPR, HIPAA, and PCI-DSS
• Identity theft affecting users whose data was compromised

Common Cryptographic Failure Scenarios

Understanding how cryptographic failures manifest in real applications helps developers recognize and prevent these vulnerabilities.

• Transmitting Data in Clear Text
  • One of the most fundamental failures is transmitting sensitive data without encryption. This includes using HTTP instead of HTTPS, unencrypted email protocols, or custom protocols without TLS encryption. Attackers can easily intercept this traffic through man-in-the-middle attacks, especially on public WiFi networks.
• Using Weak or Outdated Cryptographic Algorithms
  • Many applications still rely on deprecated cryptographic algorithms that are known to be vulnerable. Examples include MD5 and SHA-1 for hashing, DES and 3DES for encryption, and RSA keys shorter than 2048 bits. These algorithms can be broken with modern computing power, rendering the "protection" they provide essentially useless.
• Improper Key Management
  • Even strong encryption becomes worthless if cryptographic keys are poorly managed. Common mistakes include hardcoding keys in source code, storing keys alongside encrypted data, using default or weak keys, failing to rotate keys periodically, and inadequate access controls on key storage.
• Missing Encryption at Rest
  • While many organizations focus on encrypting data in transit, they sometimes neglect to encrypt sensitive data stored in databases, file systems, or backups. If an attacker gains access to the storage layer through SQL injection, compromised credentials, or physical access to servers, unencrypted data is immediately exposed.
• Insufficient Randomness
  • Cryptographic operations rely on high-quality random number generation. Using predictable or poorly seeded random number generators can make encryption keys guessable, undermining the entire security model.
• Missing Integrity Checks
  • Encryption without authentication allows attackers to modify encrypted data without detection. This can lead to padding oracle attacks, replay attacks, and other sophisticated exploitation techniques.

Real-World Examples

• The 2013 Target breach exposed 40 million credit card numbers partly due to inadequate encryption of cardholder data as it moved through the network. The attackers were able to intercept unencrypted data flowing between point-of-sale systems and the payment processing network.
• In 2019, a misconfigured database at First American Financial Corp exposed 885 million sensitive documents dating back to 2003. While this involved access control failures, the lack of encryption at rest meant that once access was gained, all data was immediately readable.
• The 2017 Equifax breach, affecting 147 million people, was exacerbated by the storage of sensitive data without proper encryption, allowing attackers who exploited a separate vulnerability to access plaintext personal information including Social Security numbers.

Detection and Testing

Identifying cryptographic failures requires a multi-layered approach combining automated scanning, manual testing, and code review.

• Automated Scanning Tools like SSL Labs, OWASP ZAP, and Burp Suite can identify weak TLS configurations, missing HTTPS, and certificate issues. Static Application Security Testing tools can scan source code for hardcoded keys, weak algorithms, and improper cryptographic API usage.
• Manual Testing Techniques include inspecting network traffic with tools like Wireshark to verify encryption is applied to sensitive data flows, testing authentication mechanisms for password storage weaknesses, and verifying that sensitive data at rest is properly encrypted by examining database records and file storage.
• Code Review Focus Areas should include examining all locations where sensitive data is stored or transmitted, reviewing cryptographic library usage and configuration, checking key generation and storage mechanisms, and verifying the use of modern, approved algorithms and key sizes.

Prevention Strategies

Protecting against cryptographic failures requires implementing comprehensive security controls throughout your application architecture.

• Classify Data Properly
  • Start by identifying which data is sensitive according to privacy laws, regulatory requirements, contractual obligations, and business policies. Not all data requires the same level of protection, so proper classification helps you apply appropriate controls without over-engineering.
• Encrypt Data in Transit
  • Enforce HTTPS across your entire application using TLS 1.2 or higher as the minimum version. Implement HTTP Strict Transport Security headers to prevent downgrade attacks. Use strong cipher suites, disable weak protocols like SSLv3 and TLS 1.0, and ensure proper certificate management with valid, trusted certificates from reputable certificate authorities.
• Encrypt Sensitive Data at Rest
  • Store sensitive data using strong encryption algorithms like AES-256. Implement encryption at multiple layers including database-level encryption, file system encryption, and application-level encryption for highly sensitive fields. Consider using encryption as a service solutions from cloud providers for better key management.
• Implement Proper Key Management
  • Never hardcode encryption keys in your application code. Use dedicated key management systems like AWS KMS, Azure Key Vault, or HashiCorp Vault. Implement key rotation policies and maintain audit logs of key usage. Separate key storage from encrypted data storage and use envelope encryption for additional security layers.
• Use Strong Cryptographic Algorithms
  • For symmetric encryption, use AES-256 in GCM mode which provides both confidentiality and authenticity. For hashing passwords, use purpose-built functions like Argon2id, bcrypt, or scrypt with appropriate work factors. For asymmetric cryptography, use RSA with at least 2048-bit keys or elliptic curve cryptography with appropriate curves.
• Disable Caching for Sensitive Data
  • Implement proper cache control headers to prevent sensitive data from being cached by browsers, proxies, or CDNs. Set Cache-Control headers to no-store for responses containing sensitive information and ensure auto-complete is disabled on form fields containing sensitive data.
• Apply Security Headers
  • Implement comprehensive security headers including Strict-Transport-Security for HTTPS enforcement, Content-Security-Policy to prevent injection attacks, and X-Content-Type-Options to prevent MIME sniffing attacks that could lead to data exposure.

Implementation Best Practices

When implementing cryptographic controls, follow established standards and guidelines rather than creating custom cryptographic solutions.

• Use Established Cryptographic Libraries like OpenSSL, Bouncy Castle, or platform-provided cryptographic APIs. These libraries have been extensively tested and peer-reviewed. Avoid implementing your own cryptographic algorithms as this almost always introduces vulnerabilities.
• Follow the Principle of Defense in Depth. Don't rely on a single cryptographic control. Layer multiple security measures so that if one fails, others still provide protection. This includes combining encryption with access controls, audit logging, and network segmentation.
• Keep Cryptographic Software Updated. Regularly update cryptographic libraries, TLS implementations, and security patches. Subscribe to security advisories for the cryptographic components you use and have a rapid patching process for critical vulnerabilities.
• Perform Regular Security Assessments. Conduct periodic security audits focused on cryptographic implementations, penetration testing specifically targeting data protection controls, and compliance assessments against relevant standards like PCI-DSS or NIST guidelines.

Compliance and Regulatory Considerations

• Many regulations mandate specific cryptographic controls for protecting sensitive data. Understanding these requirements helps ensure both security and compliance.
• The General Data Protection Regulation requires encryption as part of security measures to protect personal data, particularly for data processing that may result in high risk to individuals. PCI-DSS mandates encryption of cardholder data both in transit across public networks and when stored. HIPAA requires covered entities to implement encryption for electronic protected health information where appropriate and feasible.
• Meeting these requirements isn't just about avoiding penalties. Proper cryptographic controls demonstrate due diligence in protecting user data and can provide safe harbor provisions under some breach notification laws.

The Future of Cryptographic Security

• The cryptographic landscape continues to evolve with emerging threats and new technologies requiring updated approaches.
• Quantum computing poses a significant future threat to current public-key cryptography. Organizations should begin planning for post-quantum cryptography migration, following NIST's standardization efforts for quantum-resistant algorithms.
• Zero-trust architectures are changing how we think about data protection, assuming breaches will occur and requiring encryption not just at network boundaries but for all data flows and storage, regardless of network location.
• Confidential computing technologies enable processing encrypted data without decrypting it, using hardware-based trusted execution environments. This represents a significant advance for protecting data during processing, completing the protect-data-everywhere paradigm.

Conclusion

✅ Cryptographic Failures represent a fundamental security challenge that requires sustained attention and expertise. The consequences of getting cryptography wrong are severe, but following established best practices and standards makes robust protection achievable.

✅ Start by identifying your sensitive data, implement strong encryption for data in transit and at rest, use proper key management, rely on established cryptographic libraries and algorithms, and maintain and update your cryptographic controls over time.

✅ Remember that cryptography is a tool, not a complete solution. It must be part of a comprehensive security program that includes secure development practices, regular security testing, incident response planning, and ongoing security awareness training.