Reliance on Insecure Random Numbers
Using Strong Random Numbers
About insecure randomness
What is insecure randomness?
Random number generation is the process of generating a sequence of numbers or symbols that cannot be reasonably predicted better than by random chance. The ability to generate true random numbers is important in many fields, including cryptography, simulation, and gaming, where the results must be unpredictable and unbiased.
In computer science and cryptography, random number generation is used to generate cryptographic keys, secure passwords, and other security-related data. Pseudorandom number generators (PRNGs) are commonly used to generate random numbers in computer systems, but they are not truly random since their output is determined by an algorithm that uses a seed value to generate a sequence of numbers. True random number generators (TRNGs) use physical processes or natural sources of randomness, such as radioactive decay or atmospheric noise, to generate true random numbers.
The quality of random number generation is crucial in many applications, particularly in the field of cryptography. If the random numbers are predictable or biased, they can be used to compromise the security of the system. Therefore, it is important to use reliable and secure random number generators in security-critical applications.
In summary, security-relevant random values must not be predictable better than by chance. True random number generators are preferable for security-critical applications to ensure that the output is unbiased and unpredictable.
What is the impact of insecure randomness?
Insecure randomness in security systems has significant impacts on the security and privacy of data. Here are some of the potential impacts:
- Weak cryptography: Insecure randomness can result in the use of weak cryptographic keys or other security parameters, which can be exploited by attackers to gain unauthorized access to sensitive data. This can result in data breaches, where sensitive data is stolen or leaked.
- Malicious attacks: Attackers can exploit insecure randomness to mount brute-force or other guessing attacks against the values it produces, breaking weak or outdated security systems.
- Regulatory compliance issues: Insecure randomness can result in non-compliance with various security standards and regulations, which can result in financial penalties or other legal consequences.
How to prevent insecure randomness?
Several measures can prevent insecure randomness, including:
- Use reliable and secure random number generators: Use reliable and secure random number generators that have been widely tested and validated by security experts. True random number generators (TRNGs) are preferable for security-critical applications to ensure that the output is unbiased and unpredictable.
- Use appropriate cryptographic keys and security parameters: Use appropriate cryptographic keys and security parameters to ensure that the security system is strong enough to resist attacks. The strength of the cryptographic keys and security parameters should be based on the level of security required by the system.
- Regularly update software and systems: Regularly update software and systems to ensure that the latest security patches are applied and known vulnerabilities related to insecure randomness are addressed.
- Regularly review and update security policies and procedures: Regularly review and update security policies and procedures to ensure that they remain up-to-date with the latest best practices and standards.
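As an added illustration (not part of the original page), the Python snippet below places the weak pattern the taxonomies describe (a non-cryptographic PRNG seeded from a predictable value, CWE-338/336/337) beside the hardened form, and adds a small line-based audit that flags non-cryptographic PRNG calls on security-sensitive lines; the regexes, the audit_source helper and the SAMPLE_SOURCE lines are constructed for this example.

```python
import random
import re
import secrets


def weak_token(seed: int, nbytes: int = 16) -> str:
    """Vulnerable form (CWE-338): a Mersenne Twister PRNG seeded with a
    predictable value (CWE-337). Equal seeds yield equal tokens (CWE-336)."""
    rng = random.Random(seed)
    return rng.getrandbits(nbytes * 8).to_bytes(nbytes, "big").hex()


def strong_token(nbytes: int = 16) -> str:
    """Hardened form: draw from the OS CSPRNG through the secrets module."""
    return secrets.token_hex(nbytes)


# Heuristic audit (constructed for this example): a non-cryptographic PRNG call
# on the same source line as a security-sensitive identifier is worth review.
WEAK_RNG = re.compile(
    r"\b(random\.(random|randint|choice|getrandbits|seed|Random)"
    r"|Math\.random|java\.util\.Random|rand\(|srand\()"
)
SECURITY_CTX = re.compile(
    r"token|secret|key|nonce|\biv\b|salt|session|password|otp", re.IGNORECASE
)


def audit_source(lines):
    """Return (line_number, text) for lines that combine a weak PRNG call with a
    security-sensitive name. A line-based heuristic, not a full parser."""
    findings = []
    for number, text in enumerate(lines, start=1):
        if WEAK_RNG.search(text) and SECURITY_CTX.search(text):
            findings.append((number, text.strip()))
    return findings


# Constructed sample source lines in a few languages.
SAMPLE_SOURCE = [
    "import random",
    "session_token = random.getrandbits(128)",
    "reset_key = ''.join(random.choice(CHARS) for _ in range(32))",
    "delay = random.randint(1, 5)",
    "csrf_token = secrets.token_urlsafe(32)",
    "var otp = Math.floor(Math.random() * 1000000);",
]

if __name__ == "__main__":
    assert weak_token(1234) == weak_token(1234)  # reproducible from the seed
    print("strong:", strong_token())
    for number, text in audit_source(SAMPLE_SOURCE):
        print(f"line {number}: weak PRNG in security context: {text}")
```

The audit flags lines 2, 3 and 6 of the sample and leaves the non-security use of random.randint and the secrets-based token alone.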
References
Taxonomies
- OWASP Top 10 - A02 Cryptographic Failures
- CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
- CWE-329: Not Using a Random IV with CBC Mode
- CWE-330: Use of Insufficiently Random Values
- CWE-331: Insufficient Entropy
- CWE-335: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
- CWE-336: Same Seed in Pseudo-Random Number Generator (PRNG)
- CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)
Explanation & Prevention
- OWASP: Insecure Randomness
- OWASP: Cryptographic Storage Cheat Sheet
- OWASP: Testing for Weak Encryption
Training
The ability to generate random numbers is very helpful in all kinds of applications. One obvious example is gambling DApps, where a pseudo-random number generator is used to pick the winner. However, creating a strong enough source of randomness in Ethereum is very challenging. For example, the use of block.timestamp is insecure, as a miner can choose to provide any timestamp within a few seconds and still get his block accepted by others. Other examples of insecure fields are:
- blockhash
- block.difficulty
Instead of relying on insecure randomness from chain attributes, consider:
- Using commitment schemes, e.g. RANDAO.
- Using external sources of randomness via oracles, e.g. Oraclize.
- Using Bitcoin block hashes, as they are more expensive to mine.
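To make the first recommendation concrete, here is an added Python model (not the RANDAO contract or any project's code) of a commit-reveal scheme: each party commits H(secret || salt), reveals only after every commitment is recorded, and the result is derived from all revealed secrets, so no party can pick its value after seeing the others' the way a miner picks block.timestamp. The CommitReveal class, the run_lottery helper and the fixed salt are constructed for this example.

```python
import hashlib


def commitment(secret: bytes, salt: bytes) -> bytes:
    """Phase 1 value a party publishes: H(secret || salt). The secret stays
    hidden until every commitment is on record."""
    return hashlib.sha256(secret + salt).digest()


class CommitReveal:
    """Two-phase, RANDAO-style randomness among known parties (a model only)."""

    def __init__(self):
        self.commits, self.reveals, self.phase = {}, {}, "commit"

    def commit(self, party: str, c: bytes) -> None:
        if self.phase != "commit" or party in self.commits:
            raise ValueError("commit phase closed or duplicate commit")
        self.commits[party] = c

    def close_commits(self) -> None:
        self.phase = "reveal"

    def reveal(self, party: str, secret: bytes, salt: bytes) -> None:
        if self.phase != "reveal":
            raise ValueError("reveals are accepted only after commits close")
        if commitment(secret, salt) != self.commits.get(party):
            raise ValueError(f"{party}: reveal does not match commitment")
        self.reveals[party] = secret

    def randomness(self) -> bytes:
        # Every committed party must reveal: a last revealer who withholds could
        # otherwise bias the outcome, which is why real schemes bond deposits.
        missing = set(self.commits) - set(self.reveals)
        if missing:
            raise RuntimeError(f"missing reveals: {sorted(missing)}")
        acc = bytes(32)
        for party in sorted(self.commits):
            digest = hashlib.sha256(self.reveals[party]).digest()
            acc = bytes(a ^ b for a, b in zip(acc, digest))
        return hashlib.sha256(acc).digest()


def run_lottery(secrets_by_party: dict, salt: bytes = b"constructed-salt") -> bytes:
    """Drive both phases for every party and return the 32-byte seed."""
    cr = CommitReveal()
    for party, s in secrets_by_party.items():
        cr.commit(party, commitment(s, salt))
    cr.close_commits()
    for party, s in secrets_by_party.items():
        cr.reveal(party, s, salt)
    return cr.randomness()
```

Each party's secret should itself come from a CSPRNG (for example secrets.token_bytes(32)); a reveal that does not match its commitment, a reveal before the commit phase closes, or a withheld reveal is rejected rather than silently tolerated.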
Category-specific references: