Static IV/Nonce
Using a hardcoded or constant Initialization Vector (IV) or nonce for encryption defeats the purpose of the IV and allows attackers to detect patterns and decrypt data.
How It Works
An IV (Initialization Vector) or nonce ensures that encrypting the same plaintext with the same key produces different ciphertext each time. When the IV is hardcoded, constant, or predictable, this property is lost. In CBC mode, a static IV allows attackers to detect when the same message is encrypted twice. In CTR mode, reusing a nonce with the same key allows trivial decryption — XORing two ciphertexts encrypted with the same key and nonce cancels out the keystream, revealing the XOR of the two plaintexts. In GCM mode, nonce reuse is catastrophic — it allows the attacker to recover the authentication key and forge encrypted messages.
// Vulnerable: the same hardcoded IV is used for every encryption
const crypto = require('crypto');
const STATIC_IV = Buffer.from('1234567890abcdef');

function encrypt(text, key) {
  const cipher = crypto.createCipheriv('aes-256-cbc', key, STATIC_IV);
  let encrypted = cipher.update(text, 'utf8', 'hex');
  encrypted += cipher.final('hex');
  return encrypted;
}

// Secure: a fresh random IV is generated per call and prepended to the ciphertext
const crypto = require('crypto');

function encrypt(text, key) {
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  let encrypted = cipher.update(text, 'utf8', 'hex');
  encrypted += cipher.final('hex');
  return iv.toString('hex') + ':' + encrypted;
}

Real-World Example
In 2020, researchers discovered that the Zoom video conferencing application used a single AES-128 key in ECB mode with no IV for encrypting meeting content. This allowed participants and potential eavesdroppers to detect patterns in video streams. Zoom subsequently upgraded to AES-256-GCM with proper IV generation.
How to Prevent It
- Generate a cryptographically random IV with crypto.randomBytes(16) for every encryption
- Prepend the IV to the ciphertext so it is available for decryption
- Never hardcode IVs, derive them from a timestamp, or reuse them across encryptions
- Use AES-GCM, which makes nonce uniqueness requirements explicit
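
The prevention steps above, combined into an AES-256-GCM encrypt/decrypt pair with a nonce-reuse regression check (an added example, not code from the original page). The hex `nonce || tag || ciphertext` layout and the names `encryptGcm`, `decryptGcm` and `reusesNonce` are assumptions of this example; GCM uses a 12-byte nonce rather than the 16-byte CBC IV.

```javascript
const crypto = require('crypto');

const NONCE_LEN = 12; // 96-bit nonce, the size GCM is designed around
const TAG_LEN = 16;   // 128-bit authentication tag

// Encrypts with AES-256-GCM under a fresh random nonce for every call.
// Output layout (hex): nonce || tag || ciphertext (layout chosen for this example).
function encryptGcm(plaintext, key) {
  const nonce = crypto.randomBytes(NONCE_LEN);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]).toString('hex');
}

// Splits the envelope, verifies the tag and returns the plaintext; throws on tampering or a wrong key.
function decryptGcm(envelopeHex, key) {
  const buf = Buffer.from(envelopeHex, 'hex');
  if (buf.length < NONCE_LEN + TAG_LEN) throw new Error('envelope too short');
  const nonce = buf.subarray(0, NONCE_LEN);
  const tag = buf.subarray(NONCE_LEN, NONCE_LEN + TAG_LEN);
  const body = buf.subarray(NONCE_LEN + TAG_LEN);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce, { authTagLength: TAG_LEN });
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Regression check for a test suite: returns true if `encryptFn` emits the same
// nonce prefix twice within `rounds` encryptions of one message under one key.
function reusesNonce(encryptFn, key, rounds = 64) {
  const seen = new Set();
  for (let i = 0; i < rounds; i++) {
    const prefix = encryptFn('same message', key).slice(0, NONCE_LEN * 2);
    if (seen.has(prefix)) return true;
    seen.add(prefix);
  }
  return false;
}

// Constructed sample input: random key and a made-up message
const demoKey = crypto.randomBytes(32);
const sealed = encryptGcm('order=1001', demoKey);
console.log(decryptGcm(sealed, demoKey));
```
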
Related Vulnerabilities
ECB Mode (medium)
Using ECB (Electronic Codebook) mode for encryption produces identical ciphertext blocks for identical plaintext blocks, revealing patterns in the encrypted data.
Weak Key Size (medium)
Using cryptographic keys shorter than recommended minimums (RSA less than 2048 bits, AES less than 128 bits) makes encryption vulnerable to brute-force attacks with modern hardware.
Certificate Validation Disabled (critical)
Disabling TLS certificate validation with NODE_TLS_REJECT_UNAUTHORIZED=0 or rejectUnauthorized: false allows man-in-the-middle attacks on all HTTPS connections.
Weak PRNG for Security (high)
Using Math.random() or Date.now() to generate tokens, session IDs, or reset codes produces predictable values that attackers can guess or reproduce.