- We define True-Random Number Bugs (TRN) as:

- Note that the output sequence is of random bits, where values are obtained from one
or more sources of entropy.

- See also the BF Model of
Cryptographic Store or Transfer.

- High (semantic).

- Fig. 1 depicts TRN causes, attributes and consequences.

- This is what the output sequence is used for. It could be used as a seed for a PRNG
or for generation of passwords or cryptographic keying material (keys, nonces).

- This is the failed requirement.

- The notion of entropy used here is min-entropy, as the negative logarithm of the probability
of the most likely outcome. Let X be a random variable such that the set of possible
values that it can have is finite. Let

`P`

be the set of probabilities of X having those values.
The min-entropy of `X`

is defined as `–log`_{2}max(P)

, where
`max()`

finds the largest value in a set. The min-entropy is a measure of how difficult it
is to guess the most likely entropy source output.- Space size is the number of elements of the space of possible outputs. If the number
of different outputs is not sufficiently large, there is a vulnerability to a brute
force attack. Non-inferable means one cannot recover from known (guessed) information
anything about the TRBG output (CVE-2008-0141). TRBGs used for cryptography/security
must satisfy the Non-Inferable randomness requirement.

- CWEs related to TRN are: CWE-330, CWE-331, CWE-332, CWE-333, CWE-334,CWE-337, CWE-339, CWE-340, CWE-341, CWE-342, CWE-343.

- The only related SFP cluster is SFP Primary Cluster: Predictability.

- BF Descriptions of TRN Related CWEs are provided here.

- Application examples are provided here.