Description
The product uses a Pseudo-Random Number Generator (PRNG) in a security context, but the PRNG’s algorithm is not cryptographically strong.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: Medium
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism
If a PRNG is used for authentication or authorization, for example to generate a session ID or to seed a cryptographic key, an attacker who can predict the generator's output (or brute-force its small seed space) may be able to guess the ID or key and gain access to restricted functionality.
Potential Mitigations
Phase: Implementation
Description:
Use a cryptographically secure random number generator (CSPRNG) fed by the operating system's entropy source for all security-sensitive values (keys, IVs, nonces, session IDs, password-reset tokens). This is the recommended solution. On Windows use CryptGenRandom (or its successor BCryptGenRandom); on Linux use getrandom(2) or read from /dev/urandom. Do not use rand(), random(), or a language's default general-purpose PRNG (for example Python's random module or java.util.Random) in a security context, and do not seed any generator from low-entropy values such as the clock or a process ID, since the attacker can enumerate those seeds.
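The following is an added example, not code from the original page or from CWE. It shows the weakness and the mitigation side by side in Python: a session token drawn from the standard library's Mersenne Twister seeded with the clock, the attacker's recovery of the seed (and therefore the token) by trying every second in a plausible window, and the same token issued from the CSPRNG behind the secrets module, which the same search cannot recover. The function names and the timestamp are assumptions made for the demonstration.

```python
import random
import secrets
import time
from typing import Optional, Tuple

# Constructed timestamp used as the "current time" in the demo.
CONSTRUCTED_NOW = 1_700_000_000


def weak_session_token(seed: int) -> str:
    """Vulnerable pattern (assumed for illustration): 128 bits from Python's
    Mersenne Twister. The generator is fully determined by its seed, so the
    token's strength is the strength of the seed, not 128 bits."""
    rng = random.Random(seed)  # private instance so we never touch global state
    return rng.getrandbits(128).to_bytes(16, "big").hex()


def issue_weak_token(now: Optional[float] = None) -> Tuple[str, int]:
    """Server side of the flaw: seed with the current second (tiny seed space)."""
    seed = int(time.time() if now is None else now)
    return weak_session_token(seed), seed


def recover_seed(token: str, guess_time: int, window: int = 3600) -> Optional[int]:
    """Attacker side: the token was issued at some second in
    [guess_time - window, guess_time]; regenerate each candidate and compare.
    Returns the seed on success, None if no candidate reproduces the token."""
    for candidate in range(guess_time - window, guess_time + 1):
        if weak_session_token(candidate) == token:
            return candidate
    return None


def strong_session_token() -> str:
    """Mitigated pattern: secrets uses os.urandom, i.e. getrandom(2) on Linux
    or the Windows system CSPRNG, so there is no seed to recover."""
    return secrets.token_hex(16)  # 128 bits, hex encoded


def demo() -> bool:
    """Walk through attack and mitigation; True when both behave as described."""
    token, seed = issue_weak_token(CONSTRUCTED_NOW)
    # Attacker only knows the token was issued within the last two minutes.
    recovered = recover_seed(token, CONSTRUCTED_NOW + 120)
    weak_broken = recovered == seed
    # Same search against a CSPRNG token finds nothing (chance of a 128-bit
    # collision across 3601 candidates is negligible).
    strong_broken = recover_seed(strong_session_token(), CONSTRUCTED_NOW + 120) is not None
    return weak_broken and not strong_broken


if __name__ == "__main__":
    print("weak token recovered, strong token not:", demo())
```

The attack needs only the public token and a rough idea of when it was issued; a 3601-second window takes well under a second to search. Using a larger seed (for example the full microsecond clock or the PID) only widens the window by a few bits, which is why the fix is to change the generator, not the seed.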
CVE References
- CVE-2009-3278: Crypto product uses the rand() library function to generate a recovery key, making it easier to conduct brute force attacks.
- CVE-2009-3238: Random number generator can repeatedly generate the same value.
- CVE-2009-2367: Web application generates predictable session IDs, allowing session hijacking.
- CVE-2008-0166: SSL library uses a weak random number generator that only generates 65,536 unique keys.