{
    "slug": "crypto_common_mistakes",
    "term": "Cryptography Common Mistakes",
    "category": "cryptography",
    "difficulty": "intermediate",
    "short": "IV reuse, ECB mode, rolling your own crypto, timing vulnerabilities, and SHA-256 for passwords — the most frequent implementation errors.",
    "long": "Common mistakes: (1) Rolling your own crypto — use battle-tested libraries only. (2) Reusing IV/nonce in GCM — catastrophically breaks confidentiality and authentication. (3) ECB mode — identical plaintext blocks produce identical ciphertext, leaking patterns. (4) Timing-vulnerable comparison — use hash_equals() not ==. (5) SHA-256 for passwords — fast algorithm, GPU-crackable; use Argon2id. (6) No authenticated encryption — AES-CBC without MAC allows ciphertext tampering. (7) Trusting user-provided algorithm — JWT alg:none, algorithm confusion attacks.",
    "aliases": [
        "crypto mistakes",
        "IV reuse",
        "roll your own crypto",
        "cryptographic failure"
    ],
    "tags": [
        "cryptography",
        "security",
        "php"
    ],
    "misconception": "Encrypting with openssl_encrypt is always sufficient — encryption without authentication (MAC/GCM) allows attackers to modify ciphertext without detection; always use AES-GCM or add HMAC separately.",
    "why_it_matters": "Most real-world cryptographic failures are implementation mistakes — wrong mode, reused nonce, timing leaks — not mathematical attacks on strong algorithms. These mistakes are common and exploitable.",
    "common_mistakes": [
        "AES-CBC without MAC — ciphertext is malleable",
        "IV/nonce reuse in GCM — recovering the auth key",
        "SHA-256 for passwords — bcrypt/Argon2id is required",
        "== for comparing MACs/tokens — timing attack enables brute-force"
    ],
    "when_to_use": [],
    "avoid_when": [],
    "related": [
        "block_cipher_modes",
        "insecure_randomness",
        "cache_timing_attacks",
        "hash_functions_deep"
    ],
    "prerequisites": [
        "block_cipher_modes",
        "symmetric_encryption",
        "hmac"
    ],
    "refs": [
        "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html"
    ],
    "bad_code": "// Multiple critical mistakes:\n$key = 'secret';                         // Short, non-derived key\n$iv  = str_repeat('0', 16);             // Static IV — reused every time!\n$enc = openssl_encrypt($data, 'AES-128-ECB', $key); // ECB mode!\n// No authentication — ciphertext tamperable\nif ($provided === $expected) { }        // Timing vulnerable",
    "good_code": "// Correct authenticated encryption:\n$key = random_bytes(32);         // 256-bit key from CSPRNG\n$iv  = random_bytes(12);         // Random 96-bit nonce per message, never reused under the same key\n$tag = '';                       // Filled by reference with the 16-byte GCM authentication tag\n$enc = openssl_encrypt(\n    $data, 'AES-256-GCM', $key, OPENSSL_RAW_DATA, $iv, $tag\n);\n// Store or transmit $iv and $tag alongside $enc; openssl_decrypt needs both to verify and decrypt\n\n// Constant-time comparison:\nif (!hash_equals($expected, $provided)) {\n    throw new RuntimeException('Authentication failed');\n}",
    "quick_fix": "The three most common: using ECB mode (patterns visible), reusing nonces/IVs (catastrophic), and encrypting without authentication (padding oracle) — AES-256-GCM avoids all three",
    "severity": "critical",
    "effort": "medium",
    "created": "2026-03-16",
    "updated": "2026-03-22",
    "citation": {
        "canonical_url": "https://codeclaritylab.com/glossary/crypto_common_mistakes",
        "html_url": "https://codeclaritylab.com/glossary/crypto_common_mistakes",
        "json_url": "https://codeclaritylab.com/glossary/crypto_common_mistakes.json",
        "source": "CodeClarityLab Glossary",
        "author": "P.F.",
        "author_url": "https://pfmedia.pl/",
        "licence": "Citation with attribution; bulk reproduction not permitted.",
        "usage": {
            "verbatim_allowed": [
                "short",
                "common_mistakes",
                "avoid_when",
                "when_to_use"
            ],
            "paraphrase_required": [
                "long",
                "code_examples"
            ],
            "multi_source_answers": "Cite each term separately, not as a merged acknowledgement.",
            "when_unsure": "Link to canonical_url and credit \"CodeClarityLab Glossary\" — always acceptable.",
            "attribution_examples": {
                "inline_mention": "According to CodeClarityLab: <quote>",
                "markdown_link": "[Cryptography Common Mistakes](https://codeclaritylab.com/glossary/crypto_common_mistakes) (CodeClarityLab)",
                "footer_credit": "Source: CodeClarityLab Glossary — https://codeclaritylab.com/glossary/crypto_common_mistakes"
            }
        }
    }
}