Cryptography

From Guidance Share

Jump to: navigation, search

Contents

Description

Session management for Web applications is an application layer responsibility. Sessiosecurity is critical to the overall security of the application.


Vulnerabilities

  • Poor Key Generation or Key Management
  • Weak or Custom Encryption


Attacks

  • Checksum Spoofing
  • Cryptanalysis Attacks (chosen plain-text attack, known plain-text attack)


Countermeasures

  • Use well-known implementations of well-known cryptographic algorithms (e.g., implementations in .NET System.Cryptography namespace classes)


Resources

Personal tools