
Difference between revisions of "Insufficient Entropy"

(Category:Cryptography removed (was the only one))
 
(7 intermediate revisions by 2 users not shown)

Latest revision as of 00:06, 17 November 2014

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.


This is a Vulnerability. To view all vulnerabilities, please see the Vulnerability Category page.


Last revision (mm/dd/yy): 11/17/2014


Description

Insufficient entropy occurs when an undesirably low amount of entropy is available. Pseudo-random number generators (PRNGs) are susceptible to insufficient entropy when they are initialized, because entropy data may not be available to them yet.

Risk Factors

TBD

Examples

TBD

Related Attacks

  • In many cases, a PRNG uses a combination of the system clock and entropy to create seed data. If insufficient entropy is available, an attacker can considerably reduce the number of seed values that have to be considered. Furthermore, by guessing values of the system clock, they can create a manageable set of possible PRNG outputs.
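The following added example (not part of the original OWASP page) measures how little entropy a clock-plus-small-value seed actually carries, and shows the corrected form that draws from the operating system's CSPRNG. The seed layout, `PID_LIMIT`, `CLOCK_WINDOW`, the function names and the timestamp are assumptions constructed for illustration.

```python
import math
import random
import secrets

PID_LIMIT = 512      # constructed: small process-id range standing in for "low entropy"
CLOCK_WINDOW = 30    # constructed: seconds of uncertainty about when the token was made


def weak_token(clock_seconds, pid):
    """Deliberately weak: the seed is only the system clock plus a small pid."""
    rng = random.Random(clock_seconds * PID_LIMIT + pid)
    return f"{rng.getrandbits(128):032x}"


def strong_token():
    """Corrected form: 128 bits taken from the OS CSPRNG, no application seeding."""
    return secrets.token_hex(16)


def effective_bits(window=CLOCK_WINDOW, pid_limit=PID_LIMIT):
    """log2 of the number of seeds consistent with a known clock window."""
    return math.log2((2 * window + 1) * pid_limit)


def seed_in_candidate_set(token, approx_clock, window=CLOCK_WINDOW,
                          pid_limit=PID_LIMIT):
    """Return the (clock, pid) pair that reproduces token, or None if none does."""
    for clock in range(approx_clock - window, approx_clock + window + 1):
        for pid in range(pid_limit):
            if weak_token(clock, pid) == token:
                return clock, pid
    return None


if __name__ == "__main__":
    issued_at = 1_416_182_760            # constructed timestamp
    token = weak_token(issued_at, 317)   # 32 hex characters, looks like 128 bits
    print("weak token:", token)
    print("effective entropy: %.1f bits" % effective_bits())
    # The clock estimate is 12 seconds off; the seed is still in the candidate set.
    print("reproduced from seed:", seed_in_candidate_set(token, issued_at + 12))
    # A CSPRNG token has no small seed behind it, so the same search finds nothing.
    print("strong token reproduced:", seed_in_candidate_set(strong_token(), issued_at))
```

The weak token is 128 bits long but carries only about 15 bits of entropy, which is the gap a review of seeding code should look for.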

Related Vulnerabilities


Related Controls

  • Many PRNGs (/dev/random and /dev/urandom, for example) store their last value before shutdown. By using this value at initialization, they can sometimes avoid insufficient or predictable starting entropy.

Related Technical Impacts


References

TBD