Difference between revisions of "Non-cryptographic pseudo-random number generator"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
 
{{Template:SecureSoftware}}
 
{{Template:SecureSoftware}}
  
Line 61: Line 60:
 
Not available.
 
Not available.
  
==Categories ==
 
  
 
[[Category:Vulnerability]]
 
[[Category:Vulnerability]]

Revision as of 23:10, 27 May 2006


Overview

The use of Non-cryptographic Pseudo-Random Number Generators (PRNGs) as a source for security can be very dangerous, since they are predictable.

Consequences

  • Authentication: Potentially a weak source of random numbers could weaken the encryption method used for authentication of users. In this case, a password could potentially be discovered.

Exposure period

  • Design through Implementation: It is important to realize that if one is utilizing randomness for important security, one should use the best random numbers available.

Platform

  • Languages: All languages.
  • Operating platforms: All platforms.

Required resources

Any

Severity

High

Likelihood of exploit

Medium

Avoidance and mitigation

  • Design through Implementation: Use functions or hardware which use a hardware-based random number generation for all crypto. This is the recommended solution. Use CyptGenRandom on Windows, or hw_rand() on Linux.

Discussion

Often a pseudo-random number generator (PRNG) is not designed for cryptography. Sometimes a mediocre source of randomness is sufficient or preferable for algorithms which use random numbers. Weak generators generally take less processing power and/or do not use the precious, finite, entropy sources on a system.

Examples

In C\C++:

srand(time())
int randNum = rand();

In Java:

Random r = new Random();

For a given seed, these "random number" generators will produce a reliable stream of numbers. Therefore, if an attacker knows the seed or can guess it easily, he will be able to reliably guess your random numbers.

Related problems

Not available.