It is widely known John von Neumann's quote:
"Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin."
Pseudorandom number generators (PRNGs) use deterministic mathematical algorithms to produce a sequence of numbers with good statistical properties, but the numbers produced are not genuinely random. PRNGs usually start with an arithmetic seed value. The algorithm uses this seed in order to generate an output value and a new seed as well which is going to be used to generate the next value and so on.
The Java API provides a PRNG, the java.util.Random class. This PRNG built is portable and repeatable. As a consequence of that, if two Random instances are created using the same seed, they will generate identical sequences of numbers in all Java implementations.
Noncompliant Code Example
In case you use the same seed value, you will always get the same sequence of numbers, thus they will not be so "random" ones.
import java.util.Random; // ... Random number = new Random(123L); //... for (int i=0; i<20; i++) { // generate another random integer in the range [0,20] int n = number.nextInt(21); System.out.println(n); }
There are cases of course, where the same sequence of random numbers is desirable, e.g. regression tests of program behavior.
If there is no such a case, a same sequence of random numbers may cause a vulnerability.
Compliant Solution
Using a null seed value may prevent such problems. Java's default seed uses system's time in milliseconds.
import java.util.Random; // ... Random number = new Random(); int n; //... for (int i=0; i<20; i++) { // re-seed generator number = new Random(); // generate another random integer in the range [0,20] n = number.nextInt(21); System.out.println(n); }
For non-critical cases, e.g. adding some randomness to a game, Random class is considered fine. However, it is not random enough to be used by more serious applications, e.g. cryptography.
Compliant Solution
This compliant solution uses java.security.SecureRandom class in order to produce high quality random numbers.
import java.security.SecureRandom; import java.security.NoSuchAlgorithmException; // ... public static void main (String args[]) { try { static SecureRandom number = SecureRandom.getInstance ("SHA1PRNG"); // ... // generate 20 integers 0..20 for (int i=0; i<20; i++) { System.out.println(number.nextInt(21)); } } catch (NoSuchAlgorithmException nsae) {} }
Risk Assessment
Recommendation |
Severity |
Likelihood |
Remediation Cost |
Priority |
Level |
---|---|---|---|---|---|
MSC30-J |
medium |
unlikely |
medium |
P4 |
L3 |
Automated Detection
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
This rule appears in the C Secure Coding Standard as MSC30-C. Do not use the rand() function for generating pseudorandom numbers.
This rule appears in the C++ Secure Coding Standard as MSC30-CPP. Do not use the rand() function for generating pseudorandom numbers.
References
[Find Bugs 08] BC: Random objects created and used only once
MSC05-J. Make your classes non Cloneable unless required 99. The Void (VOID) EXC31-J. Handle checked exceptions that can be thrown within a finally block