Insecure Storage And Improper Use Of Cryptography Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

1 Introduction

Many common software vulnerabilities exist in code that is written today. This report will examine five of the less known software vulnerabilities that occur. Although these vulnerabilities are not as well-known as some of the main attacks, such as SQL Injection and Cross Site Scripting (XSS), they still can have a major impact on the application and the data behind it. These vulnerabilities are:

Integer Overflow

Format String Attack

Command Injection

Insecure Storage and Improper use of Cryptography

Time of Check vs. Time of Use (Race Condition)

For the first three of these, examples of code will be shown and explained.

1 Integer Overflow

An integer overflow happens when an integer defined within the program which is designed to set the value of memory allocation or concatenation or similar is overwritten with a value that sets the integer to a value that is outside the allowable limits. This happens when the integer has been implemented without proper security. This number could then wrap back to a smaller number or even a negative value.

This could problems with availability when the integer overflow creates a loop within the program. An integer overflow could also cause problems with data integrity if the value is important to data within the program. If the integer overflow causes a buffer overflow, data could be lost or malicious code could be implemented within the program.

Languages that are susceptible to integer overflows include C, C++ and Fortran. To avoid these problems, the developer should avoid these languages or implement safe string libraries or container abstractions. These will help against the switch from integer overflow to buffer overflow.

Recently, many software packages have been found to contain integer overflow - buffer overflow conditions. This has made the problem more open to attack.

1.1 Example Code

short int bytesRec = 0;

char buf[SOMEBIGNUM];

while(bytesRec < MAXGET) {

bytesRec += getFromInput(buf+bytesRec);


In the above example, a loop can occur when "bytesRec" is incremented beyond the allowable value. When it returns to a lower value, it will always be lower than "MAXGET".

2 Format String Attack

A format string attack happens when string entered into the program is executed as code. Because of this an attacker may use inputted text to attack the code and cause security issues with the system to arise. The cause of this type of attack is in how the application handles this inputted text. Functions that can cause a format string attack include the "printf" and "fprintf" in C. When a Format Function, like printf is used without the proper argumenmts, the string could be used to write the stack. An attacker could use this problem to cause a denial of service or execute malicious code within the program.

If these types of Format Functions are contained within the source code of the website and are able to interpret formatting characters, an attacker may input formatting characters to print code on website itself.

2.1 Example Code

printf (userName);

printf (%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s);

In this code example the attacker has entered a series of format strings. This could cause the program to reveal the memory address of other information. When this happens the program might start reading illegal memory address and could potentially cause a denial of service attack.

3 Command Injection

Command injection is exactly that. The attacker uses commands injected into a vulnerable program to execute their attack. If an attacker can inject commands directly into the code, they have direct control of the program and may execute the program as an authorized user with the program acting as it would if a normal authorized has accessed. The main cause of this vulnerability is the lack of proper input data validation.

An OS command injection attack, on the other hand, happens when an attacker inputs commands directly into the OS. These are system-level commands and can be used by an attacker to gain control over the system. The attacker gains access to the OS through a vulnerable application.

3.1 Example Code

int main(char* argc, char** argv) {

char cmd[CMD_MAX] = "/usr/bin/cat ";

strcat(cmd, argv[1]);



In the example above, the code is installed in "SETUID ROOT" to allow users with different permissions to access files on a system. The program accesses files using the system() command which also has root privileges. When a normal user enters a filename, the progam executes correctly. Problems arise when no particular arguments are passed to the system() command. If an attacker enters ";rm -rf /", for example, the system() command fails to execute the "cat" command to view files. The system() command then continues to complete the command entered, which in this case deletes the deletes the root partition.

4 Insecure Storage and Improper use of Cryptography

Nearly all applications store confidential data somewhere, i.e. a database or file system. This data could be critical to an organization's survival and must be kept securely at all times. Cryptography is the most common method of securing this data today. Implementation of cryptography is where problems arise. If the encryption of data is not implemented properly within the application, then the data may, in effect, be insecure.

Examples of where errors within the code can leave the data insecure are:

Lack of encryption of sensitive information

Important information, such as keys, certificates, and passwords, not protect properly

Improper storage of intellectual property in memory

Random generation not properly achieved

Algorithm adoption not secure enough

Invention a new encryption algorithm

Changes in the encryption key and maintenance practices are not supported properly.

The best way to protect against this type of attack is to examine how the application code deals with sensitive information such as keys, certificates and passwords; how they are loaded into memory and removed after. To avoid security problems with encryption, it should be only used where necessary. For example, passwords should not be encrypted. Instead, Secure Salted Password Hashing should be employed. When encryption is necessary, steps to follow include:

Ensuring total security of sensitive information such as keys, certificates and passwords

Use of database or file system that has been open to the public and has shown its ability to be secure

The main secrets should be split into different locations and combined and loaded at runtime.

5 Time of Check vs. Time of Use (Race Condition)

Time of Check vs. Time of Use Race Conditions happen when something changes within a resource, usually a value, during the time the resource is checked and the time that resource is used. This can cause a series of consequences. Such as:

Access control: An attacker can access restricted areas

Authorization: An attacker may be authorized certain permissions

Integrity: The integrity of the resource has been questioned

Accountability: Logging of file alteration might not happen

Non-repudiation: Deletion of log files

To avoid this scenario, the code should contain locking mechanisms that do not allow alteration of the resource until it is in use.