The app uses insecure pseudorandom number generators.
A pseudorandom number generator (PRNG) attempts to create random-like sequences of data derived from a provided seed. For a PRNG to be considered secure, the seed should not be predictable - yet common PRNG implementations are not cryptographically secure. For example, java.util.Random uses a linear congruential formula, allowing an attacker to predict future outputs, given enough observed outputs. Therefore, it is not suitable for security-critical applications or protecting sensitive data.
Evaluation Criteria:
The evidence table lists the:
Issue Signature: method signature causing the issue.
Location Signature: method signature where the issue is located
Please review the uses of insecure pseudorandom number generators listed in the evidence table. If they are used in a security-relevant context, this must be considered a vulnerability and the recommendation steps must be followed.
Steps to Reproduce
This test statically examines the app for any use of insecure pseudorandom number generators.
Business Impact
Using a non-cryptographically secure PRNG in a security context, such as authentication, poses significant risks. An attacker could potentially guess the generated numbers and gain access to privileged data or functionality. Predicting or regenerating random numbers can lead to encryption breaches, compromise sensitive user information, or enable user impersonation.
Remediation Resources
For security relevant contexts, use cryptographically secure random numbers such as java.security.SecureRandom. This class uses SHA1PRNG by default to produce non-deterministic results from a seed based on system thread timing obtained from dev/urandom. This seeding occurs automatically during object construction or acquisition, eliminating the need for explicit seeding of the PRNG.
The default constructor is usually sufficient for generating secure random values. However, while other constructors are available for advanced use cases, their improper use could reduce the randomness of the output. Therefore, non-default constructors should be used with caution.
In general, any deterministic use of SecureRandom, especially those involving hard-coded seed values (which are vulnerable to exposure by decompilation), is strongly discouraged.
Finding Description
The app uses insecure pseudorandom number generators.
A pseudorandom number generator (PRNG) attempts to create random-like sequences of data derived from a provided seed. For a PRNG to be considered secure, the seed should not be predictable - yet common PRNG implementations are not cryptographically secure. For example,
java.util.Randomuses a linear congruential formula, allowing an attacker to predict future outputs, given enough observed outputs. Therefore, it is not suitable for security-critical applications or protecting sensitive data.Evaluation Criteria:
The evidence table lists the:
Please review the uses of insecure pseudorandom number generators listed in the evidence table. If they are used in a security-relevant context, this must be considered a vulnerability and the recommendation steps must be followed.
Steps to Reproduce
This test statically examines the app for any use of insecure pseudorandom number generators.
Business Impact
Using a non-cryptographically secure PRNG in a security context, such as authentication, poses significant risks. An attacker could potentially guess the generated numbers and gain access to privileged data or functionality. Predicting or regenerating random numbers can lead to encryption breaches, compromise sensitive user information, or enable user impersonation.
Remediation Resources
For security relevant contexts, use cryptographically secure random numbers such as
java.security.SecureRandom. This class uses SHA1PRNG by default to produce non-deterministic results from a seed based on system thread timing obtained fromdev/urandom. This seeding occurs automatically during object construction or acquisition, eliminating the need for explicit seeding of the PRNG.The default constructor is usually sufficient for generating secure random values. However, while other constructors are available for advanced use cases, their improper use could reduce the randomness of the output. Therefore, non-default constructors should be used with caution.
In general, any deterministic use of
SecureRandom, especially those involving hard-coded seed values (which are vulnerable to exposure by decompilation), is strongly discouraged.Risk and Regulatory Information
Severity: info
Policy Category: Review Required
Application
See more detail in the NowSecure Report
Evidence
#### Insecure PRNG Found | Issue Signature | Location Signature | |---|---| | void java.util.Random.