CAPEC-485 Metadata
Likelihood of Attack
Low
Typical Severity
High
Overview
Summary
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Prerequisites
An authoritative signer is using a weak method of random number generation or weak signing software that causes key leakage or permits key inference. An authoritative signer is using a signature algorithm with a direct weakness or with poorly chosen parameters that enable the key to be recovered using signatures from that signer.
Potential Solutions / Mitigations
Ensure cryptographic elements have been sufficiently tested for weaknesses.
Related Weaknesses (CWE)
| CWE ID | Description |
|---|---|
| CWE-330 | Use of Insufficiently Random Values |
Related CAPECs
| CAPEC ID | Description |
|---|---|
| CAPEC-473 | An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions. |
Taxonomy Mappings
Taxonomy: ATTACK
| Entry ID | Entry Name |
|---|---|
| 1552.004 | Unsecure Credentials: Private Keys |
Stay Ahead of Attack Patterns
Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.