The java.security.SecureRandom class provides a strong random number generator (RNG) appropriate for cryptography. However, seeding it with a constant or another predictable value will weaken it significantly. In general, it is much safer to rely on the seed provided by the SecureRandom implementation.

This rule raises an issue when SecureRandom.setSeed() or SecureRandom(byte[]) is called with a seed that is either one of:

Noncompliant Code Example

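import java.security.SecureRandom

// Constant numeric seed passed to setSeed()
val sr = SecureRandom()
sr.setSeed(123456L) // Noncompliant
val v = sr.nextInt()

// Constant byte-array seed passed to the constructor (separate snippet)
val sr = SecureRandom("abcdefghijklmnop".toByteArray(charset("us-ascii"))) // Noncompliant
val v = sr.nextInt()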

Compliant Solution

val sr = SecureRandom()
val v = sr.nextInt()
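
The following program is an added illustration, not part of the original rule description. It shows the effect of a constant seed: two independently created generators produce the same bytes, while self-seeded generators do not. It assumes OpenJDK's SUN provider and requests SHA1PRNG explicitly, where a seed supplied before the first output replaces the self-generated one; the helper names seededBytes, selfSeededBytes and hex are hypothetical.

```kotlin
import java.security.SecureRandom

// Returns n bytes from a SHA1PRNG instance seeded only with the given value.
// Assumption: OpenJDK's SUN provider, where seeding before the first output
// replaces the seed the implementation would otherwise gather itself.
fun seededBytes(seed: ByteArray, n: Int): ByteArray {
    val sr = SecureRandom.getInstance("SHA1PRNG")
    sr.setSeed(seed) // Noncompliant: predictable seed
    return ByteArray(n).also { sr.nextBytes(it) }
}

// Compliant: let the implementation seed itself.
fun selfSeededBytes(n: Int): ByteArray =
    ByteArray(n).also { SecureRandom().nextBytes(it) }

// Lowercase hex encoding, used only for display.
fun ByteArray.hex(): String = joinToString("") { "%02x".format(it) }

fun main() {
    // Same constant as the noncompliant example above.
    val seed = "abcdefghijklmnop".toByteArray(Charsets.US_ASCII)

    // Two separate generators, same constant seed.
    val a = seededBytes(seed, 16)
    val b = seededBytes(seed, 16)
    println("seeded #1:      ${a.hex()}")
    println("seeded #2:      ${b.hex()}")
    println("identical:      ${a.contentEquals(b)}")

    // Two separate generators, implementation-provided seed.
    val c = selfSeededBytes(16)
    val d = selfSeededBytes(16)
    println("self-seeded #1: ${c.hex()}")
    println("self-seeded #2: ${d.hex()}")
    println("identical:      ${c.contentEquals(d)}")
}
```

Any key, token or nonce derived from the seeded generator can be recomputed by anyone who knows or guesses the seed, which is why the rule flags constant seeds even though the class itself is cryptographically strong.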
