CWE-339: Small Seed Space in PRNG
Description
A Pseudo-Random Number Generator (PRNG) uses a relatively small seed space, which makes it more susceptible to brute force attacks.
Submission Date :
July 19, 2006, midnight
Modification Date :
2023-10-26 00:00:00+00:00
Organization :
MITRE
Extended Description
PRNGs are entirely deterministic once seeded, so it should be extremely difficult to guess the seed. If an attacker can collect the outputs of a PRNG and then brute force the seed by trying every possibility to see which seed matches the observed output, then the attacker will know the output of any subsequent calls to the PRNG. A small seed space implies that the attacker will have far fewer possible values to try to exhaust all possibilities.
Example - 1
This code grabs some random bytes and uses them for a seed in a PRNG, in order to generate a new cryptographic key. Since only 2 bytes are used as a seed, an attacker will only need to guess 2^16 (65,536) values before being able to replicate the state of the PRNG.// # getting 2 bytes of randomness for the seeding the PRNG //
seed = os.urandom(2)random.seed(a=seed)key = random.getrandbits(128)
Related Weaknesses
This table shows the weaknesses and high level categories that are related to this weakness. These relationships are defined to give an overview of the different insight to similar items that may exist at higher and lower levels of abstraction.
Visit http://cwe.mitre.org/ for more details.