Insufficient EntropyID: 331 | Date: (C)2012-05-14 (M)2022-10-10 |
Type: weakness | Status: DRAFT |
Abstraction Type: Base |
Description
The software uses an algorithm or scheme that produces
insufficient entropy, leaving patterns or clusters of values that are more
likely to occur than others.
Applicable PlatformsLanguage Class: All
Time Of Introduction
- Architecture and Design
- Implementation
Related Attack Patterns
Common Consequences
Scope | Technical Impact | Notes |
---|
Access_ControlOther | Bypass protection
mechanismOther | An attacker could guess the random numbers generated and could gain
unauthorized access to a system if the random numbers are used for
authentication and authorization. |
Detection MethodsNone
Potential Mitigations
Phase | Strategy | Description | Effectiveness | Notes |
---|
Implementation | | Determine the necessary entropy to adequately provide for randomness
and predictability. This can be achieved by increasing the number of
bits of objects such as keys and seeds. | | |
Relationships
Related CWE | Type | View | Chain |
---|
CWE-331 ChildOf CWE-905 | Category | CWE-888 | |
Demonstrative Examples (Details)
- The following code uses a statistical PRNG to create a URL for a
receipt that remains active for some period of time after a
purchase. (Demonstrative Example Id DX-46)
- This code generates a unique random identifier for a user's
session. (Demonstrative Example Id DX-45)
Observed Examples
- CVE-2001-0950 : Insufficiently random data used to generate session tokens using C rand(). Also, for certificate/key generation, uses a source that does not block when entropy is low.
For more examples, refer to CVE relations in the bottom box.
White Box Definitions None
Black Box Definitions None
Taxynomy Mappings
Taxynomy | Id | Name | Fit |
---|
PLOVER | | Insufficient Entropy | |
WASC | 11 | Brute Force | |
References:
- John Viega Gary McGraw .Building Secure Software: How to Avoid Security Problems the
Right Way 1st Edition. Addison-Wesley. Published on 2002.