1. Home
  2. CWE Database
  3. CWE-333
Variant · Low-Medium

CWE-333: Improper Handling of Insufficient Entropy in TRNG

True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.

CWE-333 · Variant Level ·1 Mitigations

Description

True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.

The rate at which true random numbers can be generated is limited. It is important that one uses them only when they are needed for security.

Potential Impact

Availability

DoS: Crash, Exit, or Restart

Demonstrative Examples

This code uses a TRNG to generate a unique session id for new connections to a server:
Bad
while (1){
                        if (haveNewConnection()){if (hwRandom()){int sessionID = hwRandom();createNewConnection(sessionID);} } }
This code does not attempt to limit the number of new connections or make sure the TRNG can successfully generate a new random number. An attacker may be able to create many new connections and exhaust the entropy of the TRNG. The TRNG may then block and cause the program to crash or hang.

Mitigations & Prevention

Implementation

Rather than failing on a lack of random numbers, it is often preferable to wait for more numbers to be created.

CWE-331: Insufficient Entropy

The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that ...

CWE-755: Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

Taxonomy Mappings

  • CLASP: — Failure of TRNG
  • The CERT Oracle Secure Coding Standard for Java (2011): MSC02-J — Generate strong random numbers

Frequently Asked Questions

What is CWE-333?

CWE-333 (Improper Handling of Insufficient Entropy in TRNG) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Variant-level weakness. True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.

How can CWE-333 be exploited?

Attackers can exploit CWE-333 (Improper Handling of Insufficient Entropy in TRNG) to dos: crash, exit, or restart. This weakness is typically introduced during the Architecture and Design, Implementation phase of software development.

How do I prevent CWE-333?

Key mitigations include: Rather than failing on a lack of random numbers, it is often preferable to wait for more numbers to be created.

What is the severity of CWE-333?

CWE-333 is classified as a Variant-level weakness (Low-Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.