CWE-336: Same Seed in Pseudo-Random Number Generator (PRNG)

Learn about CWE-336 (Same Seed in Pseudo-Random Number Generator (PRNG)), its security impact, exploitation methods, and prevention guidelines.

What is Same Seed in Pseudo-Random Number Generator (PRNG)?

• Overview: This vulnerability occurs when a Pseudo-Random Number Generator (PRNG) is initialized with the same seed every time, leading to predictable sequences of numbers. PRNGs are deterministic, so using the same seed will always produce the same sequence of numbers, which can be easily exploited if the seed is known or guessed.

• Exploitation Methods:

  • Attackers can exploit this vulnerability by predicting the sequence of random numbers if they know or can guess the seed used in the PRNG.
  • Common attack patterns include brute-forcing the seed value or observing patterns in generated random sequences to infer the seed.

• Security Impact:

  • Direct consequences include compromised randomness, leading to predictable results in applications that rely on random number generation for security.
  • Potential cascading effects might include weakened encryption, compromised session tokens, or predictable keys in cryptographic operations.
  • Business impact can be significant, resulting in data breaches, unauthorized access, or financial loss due to compromised security systems.

• Prevention Guidelines:

  • Use a strong, unpredictable source for seeds, such as a cryptographically secure random number generator or system entropy sources.
  • Avoid hardcoding seed values or using predictable sources like timestamps.
  • Follow security best practices by regularly auditing and updating PRNG implementations and configurations.
  • Prefer libraries that provide cryptographic-grade PRNGs, such as OpenSSL or Java's SecureRandom class.

Technical Details

Likelihood of Exploit: Not specified

Affected Languages: Not Language-Specific

Affected Technologies: Not specified

Vulnerable Code Example

import random

def generate_random_numbers():
    random.seed(12345)  # This line initializes the PRNG with a fixed seed
    random_numbers = [random.randint(1, 100) for _ in range(10)]
    return random_numbers

# This function will produce the same set of numbers every time it is called

Explanation:

  • The code initializes the pseudo-random number generator (PRNG) with a fixed seed (12345), which means every time the generate_random_numbers function is called, it will produce the same sequence of numbers.
  • This predictability can be exploited by an attacker to guess the sequence of random numbers, which could be critical if these numbers are used for security purposes like generating tokens, keys, etc.

How to fix Same Seed in Pseudo-Random Number Generator (PRNG)?

To fix this vulnerability, do not seed the PRNG with a fixed value. Seed it from an unpredictable source of entropy, ideally the operating system's cryptographic random number generator; the system time is dynamic but, as the prevention guidelines above note, predictable. An unpredictable seed makes the sequence of random numbers different each time the program runs and much harder for an attacker to predict.

Fixed Code Example

import random
import os

def generate_random_numbers():
    # Use os.urandom to generate a more unpredictable seed
    dynamic_seed = int.from_bytes(os.urandom(8), 'big')  # Generate a secure random seed
    random.seed(dynamic_seed)  # Initialize PRNG with a dynamic seed
    random_numbers = [random.randint(1, 100) for _ in range(10)]
    return random_numbers

# Now, the function produces different sequences of numbers each time it is called

Explanation:

  • Instead of using a fixed seed, the fixed code utilizes os.urandom to generate a dynamic, unpredictable seed.
  • os.urandom(8) returns 8 bytes from the operating system's secure random source, which are then converted to an integer to serve as the seed for the PRNG.
  • This approach ensures that each execution of the program results in a different sequence of random numbers, enhancing security and reducing the predictability of the output.
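
The fix above still feeds a general-purpose PRNG, so as an added example (not from the original page), the code below contrasts the page's fixed seed, a timestamp seed, and Python's `secrets` module, which reads the OS CSPRNG and has no seed to reuse. The function names, the token format and the constructed timestamp are assumptions for illustration.

```python
import random
import secrets


def fixed_seed_tokens(n=3):
    """Pattern from the vulnerable example: a constant seed (12345)."""
    rng = random.Random(12345)
    return [f"{rng.getrandbits(64):016x}" for _ in range(n)]


def time_seed_tokens(now, n=3):
    """Timestamp seed: every caller within the same second shares a seed."""
    rng = random.Random(int(now))
    return [f"{rng.getrandbits(64):016x}" for _ in range(n)]


def csprng_tokens(n=3):
    """Hardened: each token comes straight from the OS CSPRNG, no seeding."""
    return [secrets.token_hex(8) for _ in range(n)]


def repeats_across_runs(make_tokens, runs=5):
    """Audit helper: True if independent calls repeat the same first token."""
    firsts = [make_tokens()[0] for _ in range(runs)]
    return len(set(firsts)) < runs


if __name__ == "__main__":
    ts = 1_700_000_000.25  # constructed timestamp, not a real event time
    print("fixed seed repeats:", repeats_across_runs(fixed_seed_tokens))
    print("time seed repeats: ",
          repeats_across_runs(lambda: time_seed_tokens(ts)))
    print("secrets repeats:   ", repeats_across_runs(csprng_tokens))
```

A check like `repeats_across_runs` can sit in a test suite as a regression guard for any function that issues tokens, keys or identifiers.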