code

Insecure Randomness

Written by Eldar Zavida on

Insecure Randomness

Written by Eldar Zavida on


Introduction

In the digital world, web security is a powerful shield protecting sensitive data and online activities. At the heart of this defense lies the concept of randomness, which is the absence of any pattern or predictability in a sequence of events or data. Achieving true randomness relies on various sources, such as hardware-based random number generators (RNGs) or algorithms that simulate randomness through complex mathematical calculations. These methods aim to generate unpredictable values crucial for cryptographic operations like encryption keys or session tokens. However, if this randomness isn’t strong enough, it can compromise the security of sensitive information and expose vulnerabilities in web applications.

This article will cover the importance of robust randomness in web security and the risks of using predictable patterns or weak methods. By learning and implementing best practices, developers can better safeguard web applications, ensuring safer online experiences for users and keeping cyber threats under control.

Real World Scenario

To produce unpredictable and random data, the “real world” can be used as a source of randomness because events in the physical world are unpredictable. For example, the company Cloudflare uses the LavaRand system, which uses lava lamps as a secondary source of randomness. It has arranged about 100 lava lamps on one of the walls in the lobby of their headquarters and mounted a camera pointing at the lamps.  As the “lava” in a lava lamp never takes the same shape twice, observing a group of lava lamps is a great source of random data.

The camera takes photos of the lamps at regular intervals to collect this data and sends the images to Cloudflare servers. All digital images are stored by computers as a series of numbers, with each pixel having its numerical value. Each image becomes a string of totally random numbers, which then are fed into a CSPRNG that provides a stream of random values to be used as an extra source of randomness. This method allows them to offer their customers extremely strong and random TLS encryption.

The Lava Lamps Wall at Cloudflare Headquarters

How it Works

Session tokens are vital web security components, fulfilling diverse roles such as session management, authentication, and access control. They act as unique identifiers or keys, enabling users to validate their identity or authorization to access specific resources. The algorithm responsible for generating these tokens is the PRNG (Pseudorandom Number Generator), which produces a sequence of seemingly random numbers determined by an initial value known as a seed. Today, two types of generators are in use: standard and cryptographic. Developers typically create tokens in standard PRNGs, which are more predictable and can be compromised. Such implementation can significantly impact the overall security of web applications, exposing them to various attacks, including account takeover resulting from the prediction of session tokens.

Example of a Random Session Token

How to Test for Randomness Issues

One of the most important things to check during a penetration test is the randomness of the tokens generated by the system. To do so, the Burp Suite Sequencer tool can be used. It allows analyzing the quality of randomness by running multiple tests against a sample of tokens and compiling the results to indicate the randomness quality in the sample.

Using Burp Sequencer to Analyze Randomness

Use Case

The consequences of a vulnerability resulting from insecure randomness vary based on the specific context in which the randomness is applied.

For example, where randomness is used to create secure session tokens, the potential impact can be significant. A breach could allow malicious actors to guess other users’ session tokens, ultimately gaining unauthorized access to sensitive information or executing restricted operations on their behalf.

In the demonstration below, an administrative user logs in successfully to a certain web application, and a session token is generated and stored as a cookie.

Successfully Generating a Session Token as an Administrator

As the retrieved session token is not random and can be easily guessed, an attacker can identify the randomness configurations by logging into the system with his credentials several times and comparing the generated session tokens, as follows:

Successfully Generating a Session Token as a Regular User

Since the differences between the generated tokens are very noticeable, the attacker can now replace its session token with another token by changing the incremented number (“5967”) in its value to an arbitrary number and, consequently, gain unauthorized access to administrative pages and high-privileged functionalities:

Gaining Unauthorized Access by Tampering with the Predicted Session Token

Behind the Scenes

To better understand how the vulnerability can come into play, we can review the following vulnerable code, which shows that each user has an assigned ID. After a successful authentication, the server checks from the database which ID belongs to the user who logged in. Then, it retrieves this ID and inserts it inside a function that generates a session token by concatenating a prefix, the user’s ID, and a suffix.

Example of a Vulnerable Code

This can pose a major security issue because it exposes sensitive user data, particularly user IDs directly inserted into the session token generation process. Attackers could potentially exploit this vulnerability in various ways. For instance, they could employ a technique like session fixation, where they manipulate the session ID before authentication to gain unauthorized access or hijack another user’s session. Therefore, such direct inclusion of user IDs in session token generation poses a significant risk to the system’s overall security.

Mitigation

To prevent randomness issues, follow the instructions below provided by Clear Gate for immediate mitigation that can prevent future attacks further:

  • Cryptographically Secure Random Number Generators (CSPRNGs) – CSPRNGs are essential for ensuring the unpredictability and cryptographic strength of random values, such as cryptographic keys and nonces, making them integral to randomness management in cybersecurity.
  • Increase Complexity of Random Values – Strengthening the complexity or size of random values used in cryptographic operations significantly enhances security by making it more difficult for attackers to predict or guess these values.
  • Randomness Testing – Regular randomness testing ensures the quality and reliability of random number generation mechanisms.
  • Diversify Randomness Sources – Diversifying randomness sources increases the unpredictability and entropy of generated random values.

Conclusion

In conclusion, effective management of randomness is essential for cybersecurity. By implementing robust strategies such as secure random number generators and diversifying randomness sources, organizations can enhance their security posture and better protect against threats.

Organizations should prioritize cyber security risk assessments and penetration tests to mitigate risks in session randomization deployments, which have become increasingly popular among companies developing SaaS products. Clear Gate, a trusted cybersecurity provider, offers in-depth manual penetration tests to help organizations strengthen their applications’ security and protect valuable data from potential threats.

References