Difference between revisions of "Non-cryptographic pseudo-random number generator"

Line 2: Line 2:
 
{{Template:Vulnerability}}
 
{{Template:Vulnerability}}
  
[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]
+
__TOC__
 +
 
 +
[[ASDR Table of Contents]]
  
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
 
Last revision (mm/dd/yy): '''{{REVISIONMONTH}}/{{REVISIONDAY}}/{{REVISIONYEAR}}'''
  
[[ASDR_TOC_Vulnerabilities|Vulnerabilities Table of Contents]]
+
[[Category:FIXME|This is the text from the old template. This needs to be rewritten using the new template.]]
 
+
[[ASDR Table of Contents]]
+
__TOC__
+
  
  

Revision as of 08:28, 4 November 2008

This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.



Last revision (mm/dd/yy): 11/4/2008


Description

Using non-cryptographic pseudo-random number generators (PRNGs) as a source of randomness for security purposes can be very dangerous, since their output is predictable.

Consequences

  • Authentication: A weak source of random numbers could weaken the encryption method used for authentication of users. In this case, a password could potentially be discovered.

Exposure period

  • Design through Implementation: It is important to realize that if one is utilizing randomness for important security, one should use the best random numbers available.

Platform

  • Languages: All languages.
  • Operating platforms: All platforms.

Required resources

Any

Severity

High

Likelihood of exploit

Medium

Often a pseudo-random number generator (PRNG) is not designed for cryptography. Sometimes a mediocre source of randomness is sufficient or preferable for algorithms which use random numbers. Weak generators generally take less processing power and/or do not use the precious, finite, entropy sources on a system.


Risk Factors

TBD

Examples

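In C/C++:

#include <stdlib.h>
#include <time.h>
srand((unsigned)time(NULL));  /* seed is the current time in seconds */
int randNum = rand();         /* output is fully determined by that seed */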

In Java:

import java.util.Random;
Random r = new Random();  // java.util.Random is not a cryptographic generator

For a given seed, these "random number" generators will produce a reliable stream of numbers. Therefore, if an attacker knows the seed or can guess it easily, he will be able to reliably guess your random numbers.


Related Attacks


Related Vulnerabilities

Related Controls

  • Design through Implementation: Use functions or hardware which use hardware-based random number generation for all crypto. This is the recommended solution. Use CryptGenRandom on Windows, or hw_rand() on Linux.
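
An added example (not part of the original OWASP page) of the determinism described under Examples and of the control above: it reproduces a time-seeded rand() stream from two observed values and a window of candidate seed times, then draws a token from the operating system's generator instead. The function names, the sample timestamp and the use of /dev/urandom on a Unix-like system are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

/* Weak pattern from the page: seed rand() with a timestamp, draw values. */
static void weak_draw(time_t seed, int out[3]) {
    srand((unsigned)seed);
    for (int i = 0; i < 3; i++) out[i] = rand();
}

/* Audit check: given two observed outputs and a window of plausible seed
 * times, find the seed and the value the generator will emit next.
 * Returns 1 if the stream was reproduced, 0 otherwise. */
static int reproduce_stream(const int seen[2], time_t lo, time_t hi,
                            time_t *seed, int *next) {
    for (time_t s = lo; s <= hi; s++) {
        int v[3];
        weak_draw(s, v);
        if (v[0] == seen[0] && v[1] == seen[1]) {
            *seed = s;
            *next = v[2];
            return 1;
        }
    }
    return 0;
}

/* Replacement: read from the kernel CSPRNG (assumption: a Unix-like
 * system exposing /dev/urandom). Returns 0 on success, -1 on failure. */
static int os_random(void *buf, size_t len) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;
}

int main(void) {
    time_t t = 1225787280, found = 0;  /* constructed sample seed time */
    int v[3], next = 0;
    weak_draw(t, v);
    int ok = reproduce_stream(v, t - 3600, t + 3600, &found, &next);
    printf("reproduced=%d seed_match=%d next_match=%d\n",
           ok, found == t, next == v[2]);
    uint64_t tok;
    if (os_random(&tok, sizeof tok) == 0)
        printf("OS CSPRNG token: %016llx\n", (unsigned long long)tok);
    return 0;
}
```

A two-hour window is only 7,201 candidate seeds, which is why a timestamp seed gives no protection even when the exact second is unknown.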


Related Technical Impacts


References

TBD