report/v7_cryptography.tex

   1 % usage of crypt()
   2 \begin{enumerate}[label={7.\arabic*}]
   3
   4   \addtocounter{enumi}{1}
   5     \item
   6     \pass{}
   7     Verify that all cryptographic modules fail securely, and errors are handled
   8     in a way that does not enable oracle padding.
   9     \begin{result}
  10     The only cryptographic operation is the hashing of the password, which can
  11       not be vulnerable to a padding attack as it does not use a block cipher.
  12     \end{result}
  13
  14
  15   \addtocounter{enumi}{3}
  16   \notapplicable{
  17     \item
  18     Verify that all random numbers, random file names, random GUIDs, and random
  19     strings are generated using the cryptographic module’s approved random
  20     number generator when these random values are intended to be not guessable
  21     by an attacker.
  22   }
  23
  24     \item
  25     \TODO{}
  26     Verify that cryptographic algorithms used by the application have been
  27     validated against FIPS 140-2 or an equivalent standard.
  28     \begin{result}
  29     The application uses md-5 for password hashing, which should be insecure by
  30       now.
  31     \end{result}
  32
  33   \notapplicable{
  34     \item
  35     Verify that cryptographic modules operate in their approved mode according
  36     to their published security policies.
  37   }
  38
  39   \notapplicable{
  40     \item
  41     Verify that there is an explicit policy for how cryptographic keys are
  42     managed (e.g., generated, distributed, revoked, and expired). Verify that
  43     this key lifecycle is properly enforced.
  44   }
  45
  46   \addtocounter{enumi}{1}
  47   \notapplicable{
  48     \item
  49     Verify that all consumers of cryptographic services do not have direct
  50     access to key material. Isolate cryptographic processes, including master
  51     secrets and consider the use of a virtualized or physical hardware key vault
  52     (HSM).
  53   }
  54
  55   \notapplicable{
  56     \item
  57     \textit{Personally Identifiable Information} should be stored encrypted at
  58     rest and ensure that communication goes via protected channels.
  59   }
  60
  61   \notapplicable{
  62     \item
  63     Verify that sensitive passwords or key material maintained in memory is
  64     overwritten with zeros as soon as it no longer required, to mitigate memory
  65     dumping attacks.
  66   }
  67
  68   \notapplicable{
  69     \item
  70     Verify that all keys and passwords are replaceable, and are generated or
  71     replaced at installation time.
  72   }
  73
  74   \notapplicable{
  75     \item
  76     Verify that random numbers are created with proper entropy even when the
  77     application is under heavy load, or that the application degrades gracefully
  78     in such circumstance.
  79   }
  80
  81 \end{enumerate}