The lack of entropy available for, or used by, a Pseudo-Random
Number Generator (PRNG) can be a stability and security
threat.
Time of Introduction
Architecture and Design
Implementation
Applicable Platforms
Languages
All
Common Consequences
Scope: Availability
Effect: If a pseudo-random number generator is using a limited entropy source which runs out, and the generator fails closed, the program may pause or crash.
Scope: Authentication
Effect: If a PRNG is using a limited entropy source which runs out, and the generator fails open, the generator could produce predictable random numbers. A weak source of random numbers could in turn weaken the encryption method used for authentication of users, in which case a password could potentially be discovered.
Likelihood of Exploit
Medium
Demonstrative Examples
Example 1
C and C++
while (1) {
    if (OnConnection()) {
        /* PRNG() reports whether it could supply random bytes */
        if (PRNG(...)) {
            // use the random bytes
        }
        else {
            // the PRNG could not supply random bytes: cancel the program
        }
    }
}
Java
while (true) {
    if (OnConnection()) {
        // PRNG() reports whether it could supply random bytes
        if (PRNG(...)) {
            // use the random bytes
        }
        else {
            // the PRNG could not supply random bytes: cancel the program
        }
    }
}
Potential Mitigations
ID: 2
Phase: Implementation
Description: Perform FIPS 140-2 tests on data to catch obvious entropy problems.
Phase: Implementation
Description: Consider a PRNG that re-seeds itself as needed from high-quality pseudo-random output, such as hardware devices.
Phase: Architecture and Design
Description: When deciding which PRNG to use, look at its sources of entropy. Depending on what your security needs are, you may need to use a random number generator that always uses strong random data -- i.e., a random number generator that attempts to be strong but will fail in a weak way or will always provide some middle ground of protection through techniques like re-seeding. Generally, something that always provides a predictable amount of strength is preferable.
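The FIPS 140-2 mitigation above combined with fail-closed behaviour, as an added example that is not part of the original entry: a gate applies the FIPS 140-2 monobit, poker and long-run checks to a 20,000-bit sample and releases bytes only if all three pass. The names `sample_ok`, `draw` and `draw_constructed` and the three constructed samples are assumptions made for illustration.

```c
/* Added example: fail-closed gate using three FIPS 140-2 statistical checks. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define SAMPLE 2500 /* bytes per tested sample = 20,000 bits */

/* Returns 1 if the sample passes monobit, long-run and poker, else 0. */
int sample_ok(const unsigned char *s) {
    unsigned ones = 0, f[16] = {0}, run = 0, longest = 0;
    int prev = -1;
    for (size_t i = 0; i < SAMPLE; i++) {
        f[s[i] >> 4]++; f[s[i] & 0x0F]++;    /* poker: count 4-bit values */
        for (int b = 7; b >= 0; b--) {
            int bit = (s[i] >> b) & 1;
            ones += (unsigned)bit;           /* monobit: count of 1 bits */
            run = (bit == prev) ? run + 1 : 1;
            if (run > longest) longest = run;
            prev = bit;
        }
    }
    double sq = 0;
    for (int i = 0; i < 16; i++) sq += (double)f[i] * f[i];
    double x = 16.0 / 5000.0 * sq - 5000.0;  /* poker statistic */
    return ones > 9725 && ones < 10275 && longest < 26  /* monobit, long run */
        && x > 2.16 && x < 46.17;                       /* poker */
}

/* Fail closed: hand out bytes only from a sample that passed the checks. */
int draw(const unsigned char *sample, unsigned char *out, size_t n) {
    if (n > SAMPLE || !sample_ok(sample)) {
        memset(out, 0, n);
        return -1;                /* caller must stop, not carry on with weak bytes */
    }
    memcpy(out, sample, n);
    return 0;
}

/* Constructed inputs: kind 0 = stuck at 0x00, 1 = stuck at 0xAA, 2 = byte counter. */
int draw_constructed(int kind) {
    unsigned char s[SAMPLE], key[16];
    for (size_t i = 0; i < SAMPLE; i++)
        s[i] = kind == 0 ? 0x00 : kind == 1 ? 0xAA : (unsigned char)i;
    return draw(s, key, sizeof key);
}

int main(void) {
    for (int k = 0; k < 3; k++) printf("kind %d -> %d\n", k, draw_constructed(k));
    return 0;
}
```

The byte counter (kind 2) passes all three checks and is released, so a pass only rules out obvious failures such as a stuck source; it is not evidence of unpredictability.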