[Esapi-user] ESAPI Random Number Generation Broken

Jeff Williams jeff.williams at aspectsecurity.com
Mon Apr 7 02:45:09 UTC 2014

Could you share the test case please?   Are you suggesting that it is not safe to use a single instance of SecureRandom?
Does the test rely on the nextInt( a, b ) call?  I think the Javadoc for that method is broken and  should say the max is *exclusive* -- mirroring the behavior of the Java random.nextInt( x ) call.


-----Original Message-----
From: esapi-user-bounces at lists.owasp.org [mailto:esapi-user-bounces at lists.owasp.org] On Behalf Of Jim Manico
Sent: Sunday, April 06, 2014 6:54 PM
To: esapi-dev at lists.owasp.org; esapi-user at lists.owasp.org
Subject: [Esapi-user] ESAPI Random Number Generation Broken


Over a year ago the ESAPI team got a report from David Rook that the ESAPI Random Number Generator was not providing a random sequence of values. Using burp's random number analyzer, he found that ESAPI was providing a very predictable sequence of numbers from the https://code.google.com/p/owasp-esapi-java/source/browse/branches/2.1/src/main/java/org/owasp/esapi/reference/DefaultRandomizer.java
class. I was asked not to report on this to give the team time to fix it, but it's been over a year or more. So I reported it officially today. https://code.google.com/p/owasp-esapi-java/issues/detail?id=323

I believe this also may be the cause of

This also impacts anyone using ESAPI for Java for CSRF protection. Your CSRF tokens are not true random, they are a predictable sequence of numbers that will make it easier for an attacker to guess your CSRF token value. This also impacts key creation in the crypto API's. This also impact the random access map in ESAPI.

A quick fix is to fork
class and create a new instance of SecureRandom for each use. Be sure to test the performance impact of this.

Any questions, drop me a line here or at jim.manico at owasp.org.


Esapi-user mailing list
Esapi-user at lists.owasp.org

More information about the Esapi-user mailing list