CWE-336: Same Seed in Pseudo-Random Number Generator (PRNG)

Description

A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized.

Submission Date: July 19, 2006, midnight

Modification Date: 2023-10-26 00:00:00+00:00

Organization: MITRE

Extended Description

Given the deterministic nature of PRNGs, using the same seed for each initialization will lead to the same output in the same order. If an attacker can guess (or knows) the seed, then the attacker may be able to determine the random numbers that will be produced from the PRNG.

Example Vulnerable Code

Example - 1

The following code uses a statistical PRNG to generate account IDs.



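    import java.util.Random;

    // The seed is a compile-time constant, so it is identical on every run.
    private static final long SEED = 1234567890;

    public int generateAccountID() {
        // Re-seeding with the same constant restarts the same output sequence.
        Random random = new Random(SEED);
        return random.nextInt();
    }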

Because the program uses the same seed value for every invocation of the PRNG, its values are predictable, making the system vulnerable to attack.

Example - 2

This code attempts to generate a unique random identifier for a user's session.


    function generateSessionID($userID) {
        // The seed is the user's ID, so the same user always gets the same value.
        srand($userID);
        return rand();
    }

Because the seed for the PRNG is always the user's ID, the session ID will always be the same. An attacker could thus predict any user's session ID and potentially hijack the session.

If the user IDs are generated sequentially, or otherwise restricted to a narrow range of values, then this example also exhibits a Small Seed Space (CWE-339).
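The following Python sketch is an added illustration, not part of the CWE entry. It restates the weak patterns from Examples 1 and 2 next to a hardened form, with a regression check that simulates two product initializations and compares their output. The class and function names are hypothetical; only the seed constant comes from Example 1.

```python
import random
import secrets

SEED = 1234567890  # the constant seed from Example 1


class FixedSeedIds:
    """Weak (Example 1 pattern): every initialization uses the same seed."""

    def __init__(self):
        self._rng = random.Random(SEED)

    def next_id(self):
        return self._rng.getrandbits(31)

    def session_id(self, user_id):
        # Weak (Example 2 pattern): the output is a pure function of user_id.
        return random.Random(user_id).getrandbits(31)


class CsprngIds:
    """Hardened: values come from the OS CSPRNG; the application sets no seed."""

    def next_id(self):
        return secrets.randbits(64)

    def session_id(self, user_id):
        # user_id is deliberately not used as entropy.
        return secrets.token_urlsafe(32)


def repeats_after_restart(factory, draws=8):
    """Build the generator twice, as two product starts would, and
    report whether both instances emit the same first `draws` values."""
    first, second = factory(), factory()
    a = [first.next_id() for _ in range(draws)]
    b = [second.next_id() for _ in range(draws)]
    return a == b


def session_repeats(factory, user_id=42):
    """Report whether the same (constructed) user ID yields the same session ID twice."""
    gen = factory()
    return gen.session_id(user_id) == gen.session_id(user_id)


if __name__ == "__main__":
    for factory in (FixedSeedIds, CsprngIds):
        print(factory.__name__,
              "repeats after restart:", repeats_after_restart(factory),
              "| session repeats:", session_repeats(factory))
```

A check like `repeats_after_restart` can run in a unit test suite to flag any identifier generator whose output stream is identical across initializations.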

Related Weaknesses

This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.

Visit http://cwe.mitre.org/ for more details.