MASTG-TEST-0211: Weak Hashing Algorithms
Content in BETA
This content is in beta and still under active development, so it is subject to change any time (e.g. structure, IDs, content, URLs, etc.).
Overview¶
To test for the use of weak hashing algorithms in iOS apps, we need to focus on methods from cryptographic frameworks and libraries that are used to perform hashing operations.
-
CommonCrypto: CommonDigest.h defines the following hashing algorithms:
CC_MD2
CC_MD4
CC_MD5
CC_SHA1
CC_SHA224
CC_SHA256
CC_SHA384
CC_SHA512
-
CryptoKit: Supports three cryptographically secure hashing algorithms and two insecure ones in a dedicated class called
Insecure
:SHA256
SHA384
SHA512
Insecure.MD5
Insecure.SHA1
Note: the Security framework only supports asymmetric algorithms and is therefore out of scope for this test.
Steps¶
- Run a static analysis tool such as radare2 for iOS on the app binary, or use a dynamic analysis tool like Frida for iOS, and look for uses of the cryptographic functions that perform hashing operations.
Observation¶
The output should contain the disassembled code of the functions using the relevant cryptographic functions.
Evaluation¶
The test case fails if you can find the use of weak hashing algorithms within the source code. For example:
- MD5
- SHA-1
Stay up-to-date: This is a non-exhaustive list of weak algorithms. Make sure to check the latest standards and recommendations from organizations such as the National Institute of Standards and Technology (NIST), the German Federal Office for Information Security (BSI) or any other relevant authority in your region.
Context Considerations:
To reduce false positives, make sure you understand the context in which the algorithm is being used before reporting the associated code as insecure. Ensure that it is being used in a security-relevant context to protect sensitive data.
For example, using MD5 for hashing passwords is considered weak, but using MD5 for checksums or non-cryptographic purposes is acceptable.
Demos¶
MASTG-DEMO-0016: Uses of Insecure Hashing Algorithms in CryptoKit with r2 MASTG-DEMO-0015: Uses of Insecure Hashing Algorithms in CommonCrypto with r2