Insufficient Entropy in PRNG
Weakness ID: 332 (Weakness Variant)Status: Draft
+ Description

Description Summary

The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.
+ Time of Introduction
  • Architecture and Design
  • Implementation
+ Applicable Platforms

Languages

All

+ Common Consequences
ScopeEffect
Availability

If a pseudo-random number generator is using a limited entropy source which runs out (if the generator fails closed), the program may pause or crash.

Authentication

If a PRNG is using a limited entropy source which runs out, and the generator fails open, the generator could produce predictable random numbers. Potentially a weak source of random numbers could weaken the encryption method used for authentication of users. In this case, potentially a password could be discovered.

+ Likelihood of Exploit

Medium

+ Demonstrative Examples

Example 1

Example Languages: C and C++ 
while (1){
if (OnConnection()){
if (PRNG(...)) {

//use the random bytes
}
else (PRNG(...)) {

//cancel the program
}
}

Example Language: Java 
while (1){
if (OnConnection()){
if (PRNG(...)) {

//use the random bytes
}
else (PRNG(...)) {

//cancel the program
}
}

+ Potential Mitigations

Phase: Implementation

Perform FIPS 140-2 tests on data to catch obvious entropy problems.

Phase: Implementation

Consider a PRNG that re-seeds itself as needed from high-quality pseudo-random output, such as hardware devices.

Phase: Architecture and Design

When deciding which PRNG to use, look at its sources of entropy. Depending on what your security needs are, you may need to use a random number generator that always uses strong random data -- i.e., a random number generator that attempts to be strong but will fail in a weak way or will always provide some middle ground of protection through techniques like re-seeding. Generally, something that always provides a predictable amount of strength is preferable.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains toView(s)
ChildOfWeakness BaseWeakness Base331Insufficient Entropy
Development Concepts (primary)699
Research Concepts (primary)1000
+ Taxonomy Mappings
Mapped Taxonomy NameNode IDFitMapped Node Name
CLASPInsufficient entropy in PRNG
+ Content History
Submissions
Submission DateSubmitterOrganizationSource
CLASPExternally Mined
Modifications
Modification DateModifierOrganizationSource
2008-07-01Eric DalciCigitalExternal
updated Time of Introduction
2008-09-08CWE Content TeamMITREInternal
updated Common Consequences, Relationships, Taxonomy Mappings
2009-03-10CWE Content TeamMITREInternal
updated Potential Mitigations
2009-12-28CWE Content TeamMITREInternal
updated Potential Mitigations
Back to top