CWE-1279β€”Cryptographic Operations are run Before Supporting Units are Ready

PUBLISHEDweakness record
released 2020-02-24 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-1279
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2020-02-24
Latest Modification Date:
2025-12-11

Weakness Name

Cryptographic Operations are run Before Supporting Units are Ready

Description

Performing cryptographic operations without ensuring that the supporting inputs are ready to supply valid data may compromise the cryptographic result.

Many cryptographic hardware units depend upon other hardware units to supply information to them to produce a securely encrypted result. For example, a cryptographic unit that depends on an external random-number-generator (RNG) unit for entropy must wait until the RNG unit is producing random numbers. If a cryptographic unit retrieves a private encryption key from a fuse unit, the fuse unit must be up and running before a key may be supplied.

Common Consequences

Scope:
Access Control, Confidentiality, Integrity, Availability, Accountability, Authentication, Authorization, Non-Repudiation
Impact:
Varies by Context

Related Weaknesses