# Difference between revisions of "Non-cryptographic pseudo-random number generator"

From OWASP

Deleted user (Talk | contribs) (→Examples) |
|||

Line 45: | Line 45: | ||

In C\C++: | In C\C++: | ||

+ | <pre> | ||

srand(time()) | srand(time()) | ||

int randNum = rand(); | int randNum = rand(); | ||

+ | </pre> | ||

+ | |||

In Java: | In Java: | ||

− | Random r = new Random() | + | <pre> |

− | For a given seed, these "random number" generators will produce a reliable stream of numbers. Therefore, if an attacker knows the seed or can guess it easily, he will be able to reliably guess your random numbers. | + | Random r = new Random(); |

+ | </pre> | ||

+ | |||

+ | For a given seed, these "random number" generators will produce a reliable stream of numbers. Therefore, if an attacker knows the seed or can guess it easily, he will be able to reliably guess your random numbers. | ||

==Related problems == | ==Related problems == |
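Review bot: the C/C++ lines that this revision wraps in `<pre>` are still not valid code: `srand(time())` has no terminating semicolon and `time()` is called without its argument, even though the Java line in the same edit gained its semicolon. Suggest `srand(time(NULL));` so both examples are consistent and compile.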

## Revision as of 11:29, 16 April 2006

## Overview

Using non-cryptographic pseudo-random number generators (PRNGs) as a source of randomness for security purposes can be very dangerous, since their output is predictable.

## Consequences

- Authentication: Potentially a weak source of random numbers could weaken the encryption method used for authentication of users. In this case, a password could potentially be discovered.

## Exposure period

- Design through Implementation: It is important to realize that if one is utilizing randomness for important security, one should use the best random numbers available.

## Platform

- Languages: All languages.

- Operating platforms: All platforms.

## Required resources

Any

## Severity

High

## Likelihood of exploit

Medium

## Avoidance and mitigation

- Design through Implementation: Use functions or hardware that provide hardware-based random number generation for all crypto. This is the recommended solution. Use CryptGenRandom on Windows, or hw_rand() on Linux.

## Discussion

Often a pseudo-random number generator (PRNG) is not designed for cryptography. Sometimes a mediocre source of randomness is sufficient or preferable for algorithms which use random numbers. Weak generators generally take less processing power and/or do not use the precious, finite, entropy sources on a system.

## Examples

In C/C++:

```c
srand(time(NULL));     /* seed is the current time in seconds */
int randNum = rand();
```

In Java:

```java
import java.util.Random;
Random r = new Random();
```

For a given seed, these "random number" generators will produce a reliable stream of numbers. Therefore, if an attacker knows the seed or can guess it easily, he will be able to reliably guess your random numbers.
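The following added example (not part of the original article) shows why a time-seeded `rand()` must not produce secrets: the token is a pure function of the seed, so replaying a small window of timestamps reproduces it. The function names, the constructed timestamp and the use of `/dev/urandom` as the OS-backed source are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

/* Weak: the token depends only on the seed, as with srand(time(NULL)). */
uint64_t weak_token(unsigned int seed) {
    srand(seed);
    uint64_t hi = (uint64_t)rand();
    uint64_t lo = (uint64_t)rand();
    return (hi << 31) ^ lo;
}

/* Replay every seed in [start, start + window) and return the one that
 * reproduces `observed`; returns -1 if none does. */
long find_seed(uint64_t observed, unsigned int start, unsigned int window) {
    for (unsigned int i = 0; i < window; i++)
        if (weak_token(start + i) == observed)
            return (long)(start + i);
    return -1;
}

/* Stronger: take the token from the OS random source (assumed here to be
 * /dev/urandom). Returns 0 on success, -1 on failure. */
int strong_token(uint64_t *out) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(out, sizeof *out, 1, f);
    fclose(f);
    return n == 1 ? 0 : -1;
}

int main(void) {
    unsigned int issued_at = 1145186940u;  /* constructed sample timestamp */
    uint64_t token = weak_token(issued_at);
    /* Knowing only the hour of issue leaves just 3600 seeds to replay. */
    long seed = find_seed(token, issued_at - 1800u, 3600u);
    printf("weak token %llu reproduced from seed %ld\n",
           (unsigned long long)token, seed);
    uint64_t t;
    if (strong_token(&t) == 0)
        printf("OS-backed token: %016llx\n", (unsigned long long)t);
    return 0;
}
```

A code review or static-analysis rule can flag the same pattern by looking for `srand(time(...))` or `new Random()` feeding session identifiers, passwords, keys or nonces.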

## Related problems

Not available.