Read Time:34 Second
Description
True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.
The rate at which true random numbers can be generated is limited. It is important that one uses them only when they are needed for security.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: Low
Related Weaknesses
Consequences
Availability: DoS: Crash, Exit, or Restart
A program may crash or block if it runs out of random numbers.
Potential Mitigations
Phase: Implementation
Description:
Rather than failing on a lack of random numbers, it is often preferable to wait for more numbers to be created.