Key Information

Vulnerability Description
CWE ID: 329
Name: Generation of Predictable IV with CBC Mode
Description: Using a predictable Initialization Vector (IV) with CBC mode encryption can make the algorithm vulnerable to attacks when the same key is reused.
Impact Scope: Confidentiality
Details: If the IV is not properly initialized, encrypted data can be compromised and information may be leaked.

Potential Consequences
Implementation Phase: Implementation
Mitigation: NIST recommends two methods for generating unpredictable IVs for CBC mode: one is to generate a random IV, and the other is to XOR noise with the key and plaintext before encryption.

Relationships
Parent: CWE-573 Improper Following of Specification by Caller
Child: CWE-1216 Generation of Weak Initialization Vector (IV)

Background Details
CBC Mode: A common block cipher mode of operation that starts by XORing the first plaintext block with the IV, then XORs each subsequent plaintext block with the previous ciphertext block.
Importance: An unpredictable IV is critical for preventing chosen-plaintext attacks.

Introduction Method
Implementation Phase: Developers may overlook the importance of IVs, opting for simpler implementations to save time, thereby weakening the security scheme.

Example Code
The entry provides two examples demonstrating CBC mode encryption in which the IV is always a zero block, making the ciphertext more predictable and susceptible to dictionary attacks.

Observed Instances
The entry lists multiple CVE examples, such as CVE-2014-1770 and CVE-2017-1133, illustrating how this vulnerability manifests in different scenarios.

Detection Methods
Automated Static Analysis: This weakness can be identified by analyzing source code without requiring execution.

Functional Area
Cryptography

Mappings
CLASP: Not using a random IV with CBC mode
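
The zero-block IV pattern described under Example Code, shown beside the random-IV mitigation. This is an added Go example using only the standard library, not code from the CWE entry; the function names, the key and the two records are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// cbcEncrypt PKCS#7-pads msg and returns iv || AES-CBC ciphertext.
func cbcEncrypt(key, iv, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key) // rejects keys that are not 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	n := aes.BlockSize - len(msg)%aes.BlockSize
	body := append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(n)}, n)...)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(body, body)
	return append(append([]byte{}, iv...), body...), nil
}

// encryptZeroIV is the weak pattern (CWE-329): the IV is always a zero block.
func encryptZeroIV(key, msg []byte) ([]byte, error) {
	return cbcEncrypt(key, make([]byte, aes.BlockSize), msg)
}

// encryptRandomIV draws a fresh IV from the OS CSPRNG for every message.
func encryptRandomIV(key, msg []byte) ([]byte, error) {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	return cbcEncrypt(key, iv, msg)
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 16) // constructed demo key
	// Constructed records that share their first 16-byte block.
	m1, m2 := []byte("account=00012345;amount=100"), []byte("account=00012345;amount=999")
	z1, _ := encryptZeroIV(key, m1)
	z2, _ := encryptZeroIV(key, m2)
	r1, _ := encryptRandomIV(key, m1)
	r2, _ := encryptRandomIV(key, m2)
	// Compare the first ciphertext block (bytes 16..32, after the prepended IV).
	fmt.Println("zero IV, first block repeats:  ", bytes.Equal(z1[16:32], z2[16:32])) // true
	fmt.Println("random IV, first block repeats:", bytes.Equal(r1[16:32], r2[16:32])) // false
}
```

Prepending the IV to the ciphertext is fine: the IV has to be unpredictable before encryption, not secret afterwards.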