Application security teams have limited resources for improving security. Deciding where to deploy them is not easy, and the right answer will vary for different organisations. However, one question we're often asked by teams considering our Analyzer software is, how common are the kind of "rubber hits the road" deployment of crypto flaws that it detects?
Good data on such questions is hard to find, but one source that has the advantage of being public is the CVE database of known vulnerabilities. This only covers vulnerabilities in publicly released software which may introduce biases, but if we accept these limitations, we can at least add up the number of CVEs that were caused by a cryptographic weakness and compare their prevalence to some other well-known bug classes. The cause of a CVE is denoted by its CWE (common weakness enumeration) number, though again here there are limitations: most CVEs have no CWE assigned, and the way CWEs are assigned has changed over the years.
Given these restrictions, suppose we limit ourselves to the CVEs that were registered in 2018. Of those that have CWEs assigned (which is less than 25%), a round 500 are attributed to SQL injection, a bug class that though well-known is still highly prevalent. How does this compare to flawed cryptography? In 2018, there were 282 CVEs due to cryptographic issues, 271 for insufficiently protected credentials, 124 hardcoded credentials, 112 certificate validation issues, 38 key-management issues, 35 weak encryption, 30 weak signature, 24 randomness issues - a total of 916, almost twice as many as SQL injection. Despite the caveats, these numbers at least show that crypto flaws are a major issue. The nature of the most common categories shows that what goes wrong most often is not some subtle mathematical flaw in the cryptography, but the basics: protecting and managing the keys correctly, using up to date algorithms - in other words, exactly the kinds of things our Analyzer software checks for.