VariantDraft

CWE-339Small Seed Space in PRNG

Category: other

Description

A Pseudo-Random Number Generator (PRNG) uses a relatively small seed space, which makes it more susceptible to brute force attacks. PRNGs are entirely deterministic once seeded, so it should be extremely difficult to guess the seed. If an attacker can collect the outputs of a PRNG and then brute force the seed by trying every possibility to see which seed matches the observed output, then the attacker will know the output of any subsequent calls to the PRNG. A small seed space implies that the attacker will have far fewer possible values to try to exhaust all possibilities.

Common consequences· 1

  • Other — Varies by Context

Potential mitigations· 2

  • [Architecture and Design]Use well vetted pseudo-random number generating algorithms with adequate length seeds. Pseudo-random number generators can produce predictable numbers if the generator is known and the seed can be guessed. A 256-bit seed is a good starting point for producing a "random enough" number.
  • [Architecture and Design, Requirements]Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems, or use the more recent FIPS 140-3 [REF-1192] if possible.

References

  1. https://cwe.mitre.org/data/definitions/339.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Same Seed in Pseudo-Random Number Generator (PRNG)
CWE
Insufficient Entropy in PRNG
CWE
Predictable Seed in Pseudo-Random Number Generator (PRNG)
CWE
Improper Handling of Insufficient Entropy in TRNG
CWE
Predictable Value Range from Previous Values
CWE
Small Space of Random Values
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.