Use of Cryptographically Weak PRNG
ID: 338 | Date: (C)2012-05-14 (M)2022-10-10 |
Type: weakness | Status: DRAFT |
Abstraction Type: Base |
Description
The product uses a Pseudo-Random Number Generator (PRNG) in a
security context, but the PRNG is not cryptographically
strong.
Likelihood of Exploit: Medium
Applicable Platforms
Language Class: All
Time Of Introduction
- Architecture and Design
- Implementation
Common Consequences
Scope | Technical Impact | Notes |
---|
Access_Control | Bypass protection mechanism | If a PRNG is used for authentication and authorization, such as a session ID or a seed for generating a cryptographic key, then an attacker may be able to easily guess the ID or cryptographic key and gain access to restricted functionality. |
Detection Methods None
Potential Mitigations
Phase | Strategy | Description | Effectiveness | Notes |
---|
Implementation | | Use functions or hardware that rely on hardware-based random number generation for all crypto. This is the recommended solution. Use CryptGenRandom on Windows, or hw_rand() on Linux. | | |
Relationships
Related CWE | Type | View | Chain |
---|
CWE-338 ChildOf CWE-905 | Category | CWE-888 | |
Demonstrative Examples
- Both of these examples use a statistical PRNG to generate a random
number: (Demonstrative Example Id DX-102)
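
The following Python sketch is an added illustration, not code from the CWE entry. It contrasts a session ID built from a statistical PRNG with one drawn from the operating system CSPRNG, and counts how a small seed space caps the number of distinct IDs, the kind of limit the CVE-2008-0166 entry below describes. The function names, the alphabet and the seed widths are assumptions chosen for the example.

```python
import random
import secrets
import string

ALPHABET = string.ascii_lowercase + string.digits  # constructed for the example
TOKEN_LEN = 16


def weak_session_id(seed: int) -> str:
    """Session ID from a statistical PRNG (Mersenne Twister): the CWE-338 pattern.

    The result is a pure function of the seed, so the set of possible IDs
    can never be larger than the set of possible seeds.
    """
    rng = random.Random(seed)
    return "".join(rng.choice(ALPHABET) for _ in range(TOKEN_LEN))


def strong_session_id() -> str:
    """Session ID from the OS CSPRNG: 128 bits rendered as 32 hex characters."""
    return secrets.token_hex(16)


def distinct_weak_ids(seed_bits: int) -> int:
    """Count the distinct IDs the weak generator can emit for a seed of seed_bits bits."""
    return len({weak_session_id(s) for s in range(2 ** seed_bits)})


if __name__ == "__main__":
    # Same seed, same "random" ID: the 16-character token adds no entropy.
    print("weak, seed 1234:", weak_session_id(1234), weak_session_id(1234))

    # A 16-bit seed (assumed width) leaves at most 65,536 possible IDs,
    # however long the printed token looks.
    print("distinct weak IDs for a 16-bit seed:", distinct_weak_ids(16))

    # The CSPRNG version has no caller-visible seed to recover or enumerate.
    print("strong:", strong_session_id())
```
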
Observed Examples
- CVE-2009-3278 : Crypto product uses rand() library function to generate a recovery key, making it easier to conduct brute force attacks.
- CVE-2009-3238 : Random number generator can repeatedly generate the same value.
- CVE-2009-2367 : Web application generates predictable session IDs, allowing session hijacking.
- CVE-2008-0166 : SSL library uses a weak random number generator that only generates 65,536 unique keys.
White Box Definitions None
Black Box Definitions None
Taxonomy Mappings
Taxonomy | Id | Name | Fit |
---|
CLASP | | Non-cryptographic PRNG | |
References:
- Michael Howard, David LeBlanc, John Viega. 24 Deadly Sins of Software Security. McGraw-Hill. Section: "Sin 20: Weak Random Numbers." Page 299. Published on 2010.