Exploring CWE-324: Use of a Key Past its Expiration Date
Introduction
The OWASP Top Ten list provides in-depth information about the most common security issues facing web applications. Number two on the list is A02:2021 – Cryptographic Failures, which covers a wide range of common mistakes.
Key expiration is designed to mitigate the probability and impact of a cracked or compromised key. A failure to properly implement key expiration is tracked as CWE-324.
Why Keys Expire
The security of cryptographic algorithms depends on the security of their associated private keys. If someone can guess or otherwise compromise a user’s private key, then they have the ability to decrypt messages and generate digital signatures on that user’s behalf.
For a randomly generated and well-protected secret key used in a secure cryptographic algorithm, the best known attack is a brute force attack. If an attacker has access to a ciphertext or a digital signature and the means of checking if a key is correct, they can simply guess potential secret keys until they find the right one.
Modern cryptographic algorithms use key lengths that are resistant to brute force search, making it unlikely that an attacker will be able to brute force the secret key. However, it is possible that an attacker could get lucky and guess correctly.
Key expiration helps to protect against this, and other threats of key compromise, and their expiration dates are commonly tied to the strength of the key. The weaker the key, the shorter the lifecycle. By decreasing the time that an attacker has to crack a key before it expires, the potential for a compromised key is decreased.
In the event that a key is cracked or otherwise compromised, expiration dates also help by limiting the amount of time during which it can be misused by an attacker. Once the key expires, it provides no benefit to the attacker, and they need to start all over again at cracking the key or attempting to steal the new version.
Using Expired Keys
Key expiration is best practice because it helps to limit the risk and impact of compromised keys. However, keys that should be expired might still be used due to mistakes on both ends of a communication, such as:
- Failure to Expire Keys: While key expiration is best practice, it isn’t universally adopted. If secret keys are set up to live forever, they may be used after they are potentially compromised by an attacker.
- Hardcoded Keys: Hardcoded keys are built into an application’s source code, making them more difficult to change. As a result, these keys may be used after their intended expiration date.
- Failure to Validate Certificate: Digital certificates, which contain a user’s public key, include an expiration date. If a client fails to validate that a certificate has not passed its expiration date or been revoked, then the client may accept expired keys.
- Poor Key Management: Unless expiration is built into the key itself (like a digital certificate’s expiration date), then a key may continue to function after its intended end of life. If an organization fails to properly monitor and regenerate keys, this could lead to keys existing past their expiration date.
- Use of Related Keys: Key expiration is designed to protect against an attacker cracking a key and then using it. If the new key is derived from the old without any secret/random information, an attacker could follow the chain of keys after cracking or compromising one in the sequence.
- Legacy Systems: Long-lived systems may lack a means of updating their encryption keys and also survive past their intended end of life. This could mean that the system and any application communicating with it are using expired and potentially compromised keys.
Case Study: Pivotal Ops Manager
Pivotal Ops Manager helps with managing various components of a cloud-based deployment. In 2019, a vulnerability was discovered in Ops Manager and tracked under CVE-2019-3790.
The issue was that Ops Manager did not enforce refresh expiration for its access tokens. A remote user authenticated to the system could generate valid tokens and access browser sessions that should have expired, enabling them to access Ops Manager resources.
Managing Secret Keys Correctly
Key expiration is a best practice because it can help protect against key cracking and limit the potential damage caused by a compromised key. Some best practices for key management include:
- Set key expiration based on key length and algorithm strength
- Automate key renewal processes
- Centrally monitor and manage keys where possible
- Check expiration dates of digital certificates
Up Next
To help build understanding of how cryptography can go wrong and how to fix it, we’ll continue to dive deep into prevention measures and most of the 29 CWEs related to OWASP’s A02:2021 – Cryptographic Failures vulnerability in a series of blogs. Each blog will describe the weakness, why it happens, a real-world case study, and recommended mitigations.
We’re very committed to improving the state of cryptography and data security by sharing knowledge and helping to correct common misconceptions about how cryptography works and how to use it properly. To keep up with this series and our other research and cryptography content, make sure to subscribe to our blog in the page footer below.