CWE-332 PRNG中信息熵不充分

Insufficient Entropy in PRNG

结构: Simple

Abstraction: Variant

状态: Draft

被利用可能性: Medium


The lack of entropy available for, or used by, a Pseudo-Random Number Generator (PRNG) can be a stability and security threat.


  • cwe_Nature: ChildOf cwe_CWE_ID: 331 cwe_View_ID: 1000 cwe_Ordinal: Primary

  • cwe_Nature: ChildOf cwe_CWE_ID: 331 cwe_View_ID: 699 cwe_Ordinal: Primary


Language: {'cwe_Class': 'Language-Independent', 'cwe_Prevalence': 'Undetermined'}


范围 影响 注释
Availability DoS: Crash, Exit, or Restart If a pseudo-random number generator is using a limited entropy source which runs out (if the generator fails closed), the program may pause or crash.
['Access Control', 'Other'] ['Bypass Protection Mechanism', 'Other'] If a PRNG is using a limited entropy source which runs out, and the generator fails open, the generator could produce predictable random numbers. Potentially a weak source of random numbers could weaken the encryption method used for authentication of users.


MIT-2 ['Architecture and Design', 'Requirements']

策略: Libraries or Frameworks

Use products or modules that conform to FIPS 140-2 [REF-267] to avoid obvious entropy problems. Consult FIPS 140-2 Annex C ("Approved Random Number Generators").



Consider a PRNG that re-seeds itself as needed from high-quality pseudo-random output, such as hardware devices.

Architecture and Design


When deciding which PRNG to use, look at its sources of entropy. Depending on what your security needs are, you may need to use a random number generator that always uses strong random data -- i.e., a random number generator that attempts to be strong but will fail in a weak way or will always provide some middle ground of protection through techniques like re-seeding. Generally, something that always provides a predictable amount of strength is preferable.


映射的分类名 ImNode ID Fit Mapped Node Name
CLASP Insufficient entropy in PRNG
The CERT Oracle Secure Coding Standard for Java (2011) MSC02-J Generate strong random numbers