Use of a predictable seed in a secure random number generator¶
ID: java/predictable-seedKind: problemSecurity severity: 9.8Severity: errorPrecision: highTags: - security - external/cwe/cwe-335 - external/cwe/cwe-337Query suites: - java-code-scanning.qls - java-security-extended.qls - java-security-and-quality.qls
Click to see the query in the CodeQL repository
Using a predictable seed in a pseudo-random number generator can lead to predictability of the numbers generated by it.
Recommendation¶
If the predictability of the pseudo-random number generator does not matter then consider using the fasterRandom class fromjava.util. If it is important that the pseudo-random number generator produces completely unpredictable values then either let the generator securely seed itself by not specifying a seed or specify a randomly generated, unpredictable seed.
Example¶
In the first example shown here, a constant value is used as a seed. Depending on the implementation ofSecureRandom, this could lead to the same random number being generated each time the code is executed.
In the second example shown here, the system time is used as a seed. Depending on the implementation ofSecureRandom, if an attacker knows what time the code was run, they could predict the generated random number.
In the third example shown here, the random number generator is allowed to generate its own seed, which it will do in a secure way.
SecureRandomprng=newSecureRandom();intrandomData=0;// BAD: Using a constant value as a seed for a random number generator means all numbers it generates are predictable.prng.setSeed(12345L);randomData=prng.next(32);// BAD: System.currentTimeMillis() returns the system time which is predictable.prng.setSeed(System.currentTimeMillis());randomData=prng.next(32);// GOOD: SecureRandom implementations seed themselves securely by default.prng=newSecureRandom();randomData=prng.next(32);