1. Home
  2. Weaknesses
  3. CWE-333

CWE-333: Improper Handling of Insufficient Entropy in TRNG

ID CWE-333
Abstraction Variant
Structure Simple
Status Draft
Detail Web & Social
True random number generators (TRNG) generally have a limited source of entropy and therefore can fail or block.

The rate at which true random numbers can be generated is limited. It is important that one uses them only when they are needed for security.

Modes of Introduction

Phase Note
Architecture and Design
Implementation REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-331 Insufficient Entropy Base Simple Draft
CWE-1000 Research Concepts Draft CWE-755 Improper Handling of Exceptional Conditions Class Simple Incomplete