Cryptographic Attacks On Web Applications

Cryptography is the practice of protecting sensitive information with encryption algorithms so that information transmitted from one person to another cannot be read by an unauthorised person. It is used to protect against man-in-the-middle attacks.

Most web applications also use cryptographic techniques to keep their sensitive information from being misused by hackers. However, the schemes most developers use to encrypt and secure their web applications are quite easy for hackers to reverse. One of the main reasons why web applications are vulnerable to cryptographic attacks is:

  • Using a weak algorithm such as Base64: when authentication credential values are "encrypted" using Base64, they can easily be decoded, because Base64 is an encoding that involves no secret key.

This is a silly mistake made by developers, but it can cause a huge breakdown, because this easy decoding exposes the request parameters and other potentially sensitive data.
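
The check below is an added example, not code from the original article: it audits a captured request from your own application and reports every header, cookie or body value that is protected only by Base64, by decoding it without any key. The sample request, host name, parameter names and secrets are constructed for illustration, and the function names are hypothetical.

```python
import base64
import binascii
import re
from urllib.parse import quote, unquote

B64_RE = re.compile(r"[A-Za-z0-9+/]{8,}={0,2}")

def _b64(text):
    return base64.b64encode(text.encode()).decode()

# Constructed sample request: host, parameter names and secrets are made up.
SAMPLE_REQUEST = (
    "POST /login HTTP/1.1\r\n"
    "Host: app.example\r\n"
    "Authorization: Basic " + _b64("alice:S3cret!") + "\r\n"
    "Cookie: session=9f2c4e7a1b3d; auth=" + _b64("user=alice;role=admin") + "\r\n"
    "\r\n"
    "token=" + quote(_b64("password=hunter2!"), safe="") + "&lang=en"
)

def decode_if_base64(value):
    """Return the plaintext if value is Base64 of printable ASCII, else None."""
    if not B64_RE.fullmatch(value) or len(value) % 4:
        return None
    try:
        text = base64.b64decode(value, validate=True).decode("ascii")
    except (binascii.Error, UnicodeDecodeError):
        return None  # opaque bytes (e.g. a random session id), not readable text
    return text if text.isprintable() else None

def find_reversible_values(raw_request):
    """Return (location, name, plaintext) for values protected only by Base64."""
    head, _, body = raw_request.partition("\r\n\r\n")
    candidates = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, _, value = line.partition(": ")
        if name.lower() == "authorization" and value.startswith("Basic "):
            candidates.append(("header", name, value[6:]))
        elif name.lower() == "cookie":
            for pair in value.split("; "):
                key, _, val = pair.partition("=")
                candidates.append(("cookie", key, val))
    for pair in filter(None, body.split("&")):
        key, _, val = pair.partition("=")
        candidates.append(("body", key, unquote(val)))
    decoded = [(w, n, decode_if_base64(v)) for w, n, v in candidates]
    return [item for item in decoded if item[2] is not None]

if __name__ == "__main__":
    for where, name, plain in find_reversible_values(SAMPLE_REQUEST):
        print(f"{where} {name!r} decodes without any key to {plain!r}")
```

The random session identifier and the short lang value are not reported, because they do not decode to readable text; every value that is reported is readable by anyone who can see the request.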

One of the best ways to keep hackers from decoding protected data is to use strong algorithms that are difficult for hackers to break. This can be done by using algorithms such as AES 256, SHA and similar strong algorithms.