CWE-338 - Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Read Time:57 Second

Description

The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG’s algorithm is not cryptographically strong.

Modes of Introduction:

– Architecture and Design

Likelihood of Exploit: Medium

Related Weaknesses

CWE-330
CWE-330

Consequences

Access Control: Bypass Protection Mechanism

If a PRNG is used for authentication and authorization, such as a session ID or a seed for generating a cryptographic key, then an attacker may be able to easily guess the ID or cryptographic key and gain access to restricted functionality.

Potential Mitigations

Phase: Implementation

Description:

Use functions or hardware which use a hardware-based random number generation for all crypto. This is the recommended solution. Use CyptGenRandom on Windows, or hw_rand() on Linux.

CVE References

CVE-2009-3278
- Crypto product uses rand() library function to generate a recovery key, making it easier to conduct brute force attacks.

CVE-2009-3238
- Random number generator can repeatedly generate the same value.

CVE-2009-2367
- Web application generates predictable session IDs, allowing session hijacking.

CVE-2008-0166
- SSL library uses a weak random number generator that only generates 65,536 unique keys.

Cyber Security News

CWE-338 – Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Description

Related Weaknesses

Consequences

Potential Mitigations

CVE References

News, Advisories and much more