Non-cryptographic pseudo-random number generator

From OWASP
Revision as of 11:29, 16 April 2006 by Deleted user (Talk | contribs)

Jump to: navigation, search



Overview

The use of Non-cryptographic Pseudo-Random Number Generators (PRNGs) as a source for security can be very dangerous, since they are predictable.

Consequences

  • Authentication: Potentially a weak source of random numbers could weaken the encryption method used for authentication of users. In this case, a password could potentially be discovered.

Exposure period

  • Design through Implementation: It is important to realize that if one is utilizing randomness for important security, one should use the best random numbers available.

Platform

  • Languages: All languages.
  • Operating platforms: All platforms.

Required resources

Any

Severity

High

Likelihood of exploit

Medium

Avoidance and mitigation

  • Design through Implementation: Use functions or hardware which use a hardware-based random number generation for all crypto. This is the recommended solution. Use CyptGenRandom on Windows, or hw_rand() on Linux.

Discussion

Often a pseudo-random number generator (PRNG) is not designed for cryptography. Sometimes a mediocre source of randomness is sufficient or preferable for algorithms which use random numbers. Weak generators generally take less processing power and/or do not use the precious, finite, entropy sources on a system.

Examples

In C\C++:

srand(time())
int randNum = rand();

In Java:

Random r = new Random();

For a given seed, these "random number" generators will produce a reliable stream of numbers. Therefore, if an attacker knows the seed or can guess it easily, he will be able to reliably guess your random numbers.

Related problems

Not available.

Categories