Guide to cryptographic failures: A 2025 OWASP Top 10 threat

What is a cryptographic failure?

Cryptographic failures occur when applications incorrectly implement or use cryptographic systems, leaving sensitive data exposed. These failures aren’t necessarily due to flaws in the cryptographic algorithms themselves but often result from weak encryption, misconfigured protocols, poor key management, and insecure data handling practices.

This category ranks high in the OWASP Top 10 application security risks because it encompasses many common and preventable cybersecurity risks. From storing passwords in plaintext to using deprecated encryption algorithms, cryptographic failures can compromise everything from authentication processes to secure communication and overall data security.

A brief history of the OWASP Cryptographic Failures category

Originally titled Sensitive Data Exposure, this risk category was renamed Cryptographic Failures in the 2021 OWASP Top 10 update to better reflect the technical nature of the vulnerabilities it covers. While sensitive data exposure describes the outcome of poor security controls, the updated name shifts focus to one of the main underlying causes: failures in cryptographic implementation and policy. Even though not all the CWEs previously grouped under Sensitive Data Exposure are listed under Cryptographic Failures, the majority are still there, reflecting the principle that if you’re processing sensitive data, encryption always needs to be involved.

Examples of attacks exploiting cryptographic failures

Insecure cryptographic measures can lead to data breaches when exploited by attackers. Improper TLS implementations can enable man-in-the-middle attacks, allowing adversaries to intercept or manipulate encrypted traffic. Weak password storage using outdated hashing algorithms like MD5 or SHA-1 opens the door to credential stuffing and brute-force attacks.

APIs are especially vulnerable when authentication tokens or other sensitive data are transmitted without proper encryption. Hardcoded or exposed cryptographic keys have also enabled attackers to decrypt and steal large volumes of data from supposedly protected systems. Another common example of misconfiguration is the absence or incorrect setup of the HTTP Strict Transport Security (HSTS) headers that enforce the use of encrypted HTTPS communication. Without HSTS, attackers may be able to trick the browser into falling back to insecure HTTP and transmitting sensitive information in plaintext.

How to prevent cryptographic failures

Preventing cryptographic vulnerabilities requires more than just enabling encryption—it involves implementing cryptographic systems securely and thoughtfully.

Strong cryptographic algorithms

Stick to well-established, secure algorithms such as AES-256 for encryption, RSA with secure padding for key exchange, and SHA-256 or better for hash functions. Avoid custom or deprecated algorithms, especially those with known weaknesses or insufficient entropy.

Secure transport and communication

Always use HTTPS with TLS 1.2 or higher. Ensure SSL/TLS configurations are hardened and that certificates are valid and up to date. Misconfiguration of these protocols, including missing or ineffective HSTS headers, can leave encrypted traffic vulnerable to interception.

Proper key management

Encryption keys should never be hardcoded or stored in plaintext. Use secure key management systems and rotate keys periodically to reduce exposure. Keys should be generated with sufficient randomness to avoid predictability.

Password protection with modern hashing

Implement secure password hashing using modern algorithms like bcrypt, scrypt, or Argon2, and apply proper salting and iteration counts. This protects credentials and helps defend against attacks that aim to exfiltrate hashed data from databases (for example through SQL injection) to be decrypted offline.

Random number generation

Use cryptographically secure pseudorandom number generators for key generation, session tokens, and other sensitive operations. Avoid relying on functions that lack sufficient entropy, which can lead to predictable or repeatable values.

What are the dangers of cryptographic failures?

The risks extend far beyond technical inconvenience. A single cryptographic weakness can lead to exposure of credentials, identity theft, unauthorized access, and full-scale data breaches. Financial consequences, legal liability, and reputational damage often follow.

Attackers who successfully exploit these vulnerabilities can bypass access control, decrypt sensitive information, or manipulate encrypted communications. Compromised credit card numbers and other financial data can lead to fraud, further compounding the impact on victims. For organizations, the fallout can include customer loss, regulatory penalties, and long-term erosion of trust—serious concerns in any data protection strategy.

Risk factors that can lead to cryptographic failure

• Insecure defaults: Many systems ship with insecure default settings. If these aren’t reviewed and changed, they can introduce weaknesses even in otherwise secure implementations.
• Obsolete protocols and algorithms: Continued use of outdated cryptographic standards like SSL or RC4 can provide an illusion of security while leaving applications vulnerable.
• Poor implementation practices: Mistakes such as improper initialization vectors, weak entropy sources, or insecure key storage can create exploitable flaws, even when using secure algorithms. These issues often stem from a lack of adherence to secure coding practices.
• Lack of cryptographic expertise: Development teams often treat cryptography as a black box. Without pre-vetted cryptographic libraries, adequate training, and suitable review processes, even minor implementation errors can result in exploitable security vulnerabilities.

How are cryptographic failures exploited by malicious hackers?

Attackers look for weak links in cryptographic systems to bypass protections and gain unauthorized access. Poorly hashed passwords are targets for brute-force or dictionary attacks. Improper use of encryption libraries can result in vulnerabilities where encrypted data can be decrypted with minimal effort.

Man-in-the-middle attacks are made possible by misconfigured or self-signed SSL/TLS certificates, though these are difficult to perform at scale. By contrast, insecure APIs may leak sensitive data if tokens or credentials are not properly encrypted or validated, potentially opening the way to large-scale automated exploitation.

In many cases, attackers use tools to scan for these weaknesses across large numbers of applications, meaning even a single oversight can make an application a target. Such vulnerabilities frequently originate from oversights in security measures that fail to consider the full lifecycle of cryptographic components in the application.

How to accurately identify cryptographic failure vulnerabilities in applications

Identifying cryptographic failures requires a multi-faceted approach. At a minimum, automated security scanning using tools such as dynamic application security testing (DAST) solutions should be performed to flag externally exploitable issues like the use of outdated algorithms, plaintext data storage, misconfigured TLS settings, or missing security headers.

Penetration testing provides real-world validation by simulating attacks and verifying the impact of any identified vulnerabilities, including cryptographic weaknesses. A mature application

Final thoughts

Cryptographic failures are preventable but require attention to detail and security-first thinking. By prioritizing strong encryption practices, secure key handling, and thorough application testing, organizations can significantly reduce the risk of data exposure and unauthorized access.

As part of a broader web application security strategy, regular vulnerability scanning, especially with a DAST-first approach, plays a vital role in identifying cryptographic weaknesses and other hidden misconfigurations before they can be exploited. In the context of modern application development, getting cryptography right is not optional—it’s foundational to maintaining both system integrity and data security.