S 3.33 Improper use of cryptomodules

Initiation responsibility: IT Security Officer, Head of Personnel

Implementation responsibility: Personnel Department, Supervisor

The improper use of encryption modules has often caused damages in practice. This improper use may have different effects:

During encryption, the power supply to the encryption module is switched off accidentally. As a consequence, only parts of the data are encrypted, other parts remain unencrypted. In such a case, it is possible that decryption is no longer possible, because the process was cancelled in an uncontrolled manner.

- When entering encryption parameters, improper parameters are input. As a consequence, insufficiently secure encryption algorithms or insecure cryptographic keys may be used.

- If the user is involved in generating the key by being prompted to enter random characters when the key is generated, improper use also entails not using random, but known and easy to guess character strings (words) at this point.

Such improper uses of an encryption module may cause the confidentiality, integrity, and availability of data to be affected adversely. Examples:

- Data is not or no longer encrypted although encryption would be necessary in order to maintain confidentiality.

- Encrypted data can no longer be decrypted, because the encryption module can no longer be used properly due to improper use.

- Data is encrypted accidentally or deliberately in such a way that it cannot be recovered, because the required cryptographic key is not known.

- Properly encrypted data is changed so that it can no longer be decrypted.

Review questions:

© Federal Office for Information Security. All rights reserved.