This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Cornucopia - Ecommerce Website - CR 2"

From OWASP
Jump to: navigation, search
(Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#a395ca;">Cornucopia - Ecommerce Website - CR 2</span>}} File:Cornucopia_-_Ecommerce_Website_CR_2....")
 
 
(One intermediate revision by the same user not shown)
Line 11: Line 11:
 
=== Technical Note: ===
 
=== Technical Note: ===
  
There is no substitute for a proper, approved, cryptographic function where data needs to be protected at rest or in transit. Obfuscation is rarely the correct choice. Use standard-sapproved functions and consider all cryptographic management requirements (e.g. key creation, distribution, protection, replacement, retirement).
+
There is no substitute for a proper, approved, cryptographic function where data needs to be protected at rest or in transit. Obfuscation is rarely the correct choice. Use standard-approved functions and consider all cryptographic management requirements (e.g. key creation, distribution, protection, replacement, retirement).
  
 
=== References: ===
 
=== References: ===
Line 45: Line 45:
 
   </tr>
 
   </tr>
 
</table>
 
</table>
 
 
 
  
  

Latest revision as of 20:37, 29 March 2016

Cornucopia - Ecommerce Website CR 2.png

Suit: Cryptography

Card/Value: 2

Description:

Kyun can access data because it has been obfuscated rather than using an approved cryptographic function.

Technical Note:

There is no substitute for a proper, approved, cryptographic function where data needs to be protected at rest or in transit. Obfuscation is rarely the correct choice. Use standard-approved functions and consider all cryptographic management requirements (e.g. key creation, distribution, protection, replacement, retirement).

References:

OWASP SCP OWASP ASVS OWASP AppSensor CAPEC SAFECODE
105 - - - 21
133 29
135



« Previous Card | Cryptography | Next Card »