The `hash` lib uses a hardcoded, predictable salt of `nimiqrocks!` which is leveraged in `Argon2dHasher`. `Argon2dHasher` is then used in `web-client`.
The original commit did not make any mention of why this approach was chosen, which may be able to add further context. In absence of that, it is assumed that this should be adjusted to a more secure approach.
Ensure that the salt is a sufficiently random value. The docs for `argon2` make use of `let salt = SaltString::generate(&mut OsRng);` to generate a secure salt.
This makes it easier for attackers to pre-compute the hash value using dictionary attack techniques such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide.
As was noted above, the original commit occurred 6 years ago on Jun 24, 2018. Given the open-source nature of this project, any potential weaknesses like this are amplified by the fact that they are freely discoverable on the open internet.
This implementation is public in `web-client`, but doesn't appear to be used, so the direct impact is difficult to assess. However, current or future usages of it are susceptible to the risks laid out in CWE-760.
They were only exposed to the web-client, but I couldn't find any reference to this function.
The Argon2d/Argon2id implementation in `nimiq_hash::argon2kdf` remains.
Fixes #2455 by removing the unused code.
Link: https://hackerone.com/reports/2491434
Date: 2024-05-06 06:41:10 UTC
By: ryanrb
Weakness: Use of a One-Way Hash with a Predictable Salt
Details:

Summary

The `hash` lib uses a hardcoded, predictable salt of `nimiqrocks!` which is leveraged in `Argon2dHasher`. `Argon2dHasher` is then used in `web-client`.

The original commit did not make any mention of why this approach was chosen, which may be able to add further context. In absence of that, it is assumed that this should be adjusted to a more secure approach.

Project: core-rs-albatross
File reference: hash/src/lib.rs
Line: 269

Recommendation

Ensure that the salt is a sufficiently random value. The docs for `argon2` make use of `let salt = SaltString::generate(&mut OsRng);` to generate a secure salt.

References:

Impact

Per CWE-760:

This makes it easier for attackers to pre-compute the hash value using dictionary attack techniques such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide.

As was noted above, the original commit occurred 6 years ago on Jun 24, 2018. Given the open-source nature of this project, any potential weaknesses like this are amplified by the fact that they are freely discoverable on the open internet.

This implementation is public in `web-client`, but doesn't appear to be used, so the direct impact is difficult to assess. However, current or future usages of it are susceptible to the risks laid out in CWE-760.
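As an added illustration of the precomputation risk behind the Recommendation and Impact sections above (this is example code written for this page, not code from core-rs-albatross or the `nimiq_hash` crate): Python's `hashlib.scrypt` stands in for Argon2d because the standard library has no Argon2, and the wordlist, user passwords and low cost parameters are constructed for the demo. It contrasts the hardcoded-salt pattern the report describes with a fresh random salt per hash, and counts KDF invocations to show that under the fixed salt one table built in advance covers every target.

```python
"""Why a hardcoded KDF salt matters (CWE-760), shown with a stand-in KDF.

hashlib.scrypt (Python stdlib) stands in for Argon2d; the precomputation
argument below holds for any deterministic password hash or KDF.
"""
import hashlib
import hmac
import secrets

# The salt the report identifies as hardcoded in hash/src/lib.rs.
FIXED_SALT = b"nimiqrocks!"

# Constructed sample data for the demo (not from the project).
WORDLIST = ["password", "letmein", "hunter2", "nimiq2018", "correct horse battery"]
USERS = {"alice": "hunter2", "bob": "nimiq2018", "carol": "hunter2"}

# Counter so the attacker's work in the two scenarios can be compared.
kdf_calls = 0


def kdf(password: bytes, salt: bytes) -> bytes:
    """Memory-hard KDF; deliberately cheap parameters so the demo is fast."""
    global kdf_calls
    kdf_calls += 1
    return hashlib.scrypt(password, salt=salt, n=2 ** 12, r=8, p=1, dklen=32)


def hash_with_fixed_salt(password: str) -> bytes:
    """Weak: the pattern the report describes, one salt shared by every hash."""
    return kdf(password.encode(), FIXED_SALT)


def hash_with_random_salt(password: str) -> tuple:
    """Fixed: a fresh random salt per hash, returned so it can be stored."""
    salt = secrets.token_bytes(16)
    return salt, kdf(password.encode(), salt)


def verify(password: str, salt: bytes, digest: bytes) -> bool:
    """Verification recomputes the KDF with the salt stored next to the digest."""
    return hmac.compare_digest(kdf(password.encode(), salt), digest)


def precompute_table(salt: bytes, wordlist) -> dict:
    """Attacker: digest -> word, one KDF per word for a given salt.

    With a salt known in advance this table can be built before any hash
    is ever obtained, then reused against every target that used it."""
    return {kdf(w.encode(), salt): w for w in wordlist}


def attack_fixed_salt(stored: dict) -> tuple:
    """stored: user -> digest. One table covers all users."""
    global kdf_calls
    kdf_calls = 0
    table = precompute_table(FIXED_SALT, WORDLIST)
    cracked = {user: table.get(digest) for user, digest in stored.items()}
    return cracked, kdf_calls


def attack_random_salt(stored: dict) -> tuple:
    """stored: user -> (salt, digest). A new table per user, so the cost
    scales with the number of targets and nothing can be prepared up front."""
    global kdf_calls
    kdf_calls = 0
    cracked = {}
    for user, (salt, digest) in stored.items():
        cracked[user] = precompute_table(salt, WORDLIST).get(digest)
    return cracked, kdf_calls


def demo() -> dict:
    fixed = {u: hash_with_fixed_salt(p) for u, p in USERS.items()}
    salted = {u: hash_with_random_salt(p) for u, p in USERS.items()}
    cracked_fixed, cost_fixed = attack_fixed_salt(fixed)
    cracked_salted, cost_salted = attack_random_salt(salted)
    alice_salt, alice_digest = salted["alice"]
    return {
        # Equal passwords show up as equal digests only under the fixed salt.
        "same_digest_fixed": fixed["alice"] == fixed["carol"],
        "same_digest_salted": salted["alice"][1] == salted["carol"][1],
        "cracked_fixed": cracked_fixed,
        "cost_fixed": cost_fixed,      # len(WORDLIST), whatever the user count
        "cracked_salted": cracked_salted,
        "cost_salted": cost_salted,    # len(WORDLIST) * len(USERS)
        "verify_ok": verify("hunter2", alice_salt, alice_digest),
        "verify_bad": verify("password", alice_salt, alice_digest),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Both attacks recover the same passwords here because the constructed wordlist contains them; the point is the cost model. Under the fixed salt the table is built once, possibly before the attacker holds a single digest, and every later target is a dictionary lookup. Under per-hash random salts the work is repeated for each target and cannot start until the salt is known, which is the protection the Recommendation's `SaltString::generate(&mut OsRng)` restores, provided the generated salt is stored alongside the output so verification can reproduce it.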