CWE-323 Reusing a Nonce or IV
Coverage: 5 rules in the SiteShadow rule registry target this CWE (registry v2.0.0). Regex 5 Also: Taint and heuristic analyzers may also detect related flows (see coverage for the authoritative list) Registry tagging shows intent, for sample-level behaviour and benchmarked gaps see known gaps.
What this means
SiteShadow flagged nonce/IV reuse across encryptions. Many modern crypto schemes require a unique nonce/IV per message; reusing it can break confidentiality (and sometimes integrity).
Why it matters
Nonce or IV reuse can break encryption guarantees.
- With some modes, reuse can allow attackers to recover plaintext relationships or even keys.
- This is a common source of "crypto looks correct but fails catastrophically."
Safer examples
1) Use libraries that manage nonces/IVs safely
Prefer high-level APIs that generate nonces and return them with ciphertext.
2) Prefer AEAD modes
Use AES‑GCM / ChaCha20‑Poly1305 and ensure nonces are unique per key.
3) If you must manage nonces yourself, enforce uniqueness
Use a counter-based nonce or random nonces with collision resistance, and never repeat for the same key.
How SiteShadow detects it (high level)
- Flags crypto code where the same nonce/IV variable is reused across encryptions.
- Detects suspicious "fixed nonce/IV" patterns in AEAD/CBC contexts.
References
- CWE-323: https://cwe.mitre.org/data/definitions/323.html
---
← Back to Vulnerability Library
Catch this with SiteShadow Pro.
This vulnerability class is detected by SiteShadow's Pro-tier engines, two-pass interprocedural taint analysis, heuristic flow checks, AI-context scanning, and cross-file detection. The free tier catches OWASP Top 10 single-file patterns; Pro adds the data-flow depth that finds this class of bug.