Java

Made by DeepSource

SecureRandom seeds must not be predictable JAVA-S1031

Security
Critical
Tags: OWASP Top 10 A02, CWE-330, CWE-332, CWE-336, CWE-337

java.security.SecureRandom instances must not be initialized with a predictable or constant seed value.

Seeding a SecureRandom instance with a predictable value will render any random values generated by it unusable for cryptographic purposes.

This issue will be raised if a constant or a predictable value (like the system clock) is used as a seed value for a SecureRandom instance.

Bad Practice

import java.security.SecureRandom;

SecureRandom notSoRandom = new SecureRandom();
notSoRandom.setSeed(3L); // This is a very predictable seed!

// This uses the SecureRandom(byte[] seed) constructor with a constant seed:
notSoRandom = new SecureRandom("qwerty".getBytes());

Recommended

Just allow the SecureRandom instance to initialize itself. The no-argument constructor seeds the instance from the provider's own entropy source, and most implementations do this properly, so the generated values are suitable for cryptographic use.

import java.security.SecureRandom;

SecureRandom secure = new SecureRandom(); // self-seeded by the provider

// ...
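The following is an added example, not DeepSource's own code, showing why a constant seed is flagged: two SHA1PRNG instances given the same fixed seed produce byte-for-byte identical output, while two default-constructed instances do not. SHA1PRNG is requested explicitly because its output is fully determined by the first seed it receives; whether setSeed replaces or merely supplements the self-seeded state depends on the provider's algorithm.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

public class SeedDemo {
    // Draw 16 bytes from a SHA1PRNG instance seeded with a constant.
    // The generator's state is fully determined by that seed, so anyone
    // who knows the seed can reproduce every value it emits.
    static byte[] seededDraw(long seed) throws NoSuchAlgorithmException {
        SecureRandom r = SecureRandom.getInstance("SHA1PRNG");
        r.setSeed(seed); // the pattern JAVA-S1031 flags
        byte[] out = new byte[16];
        r.nextBytes(out);
        return out;
    }

    // Draw 16 bytes from a default-constructed instance, which seeds
    // itself from the provider's entropy source.
    static byte[] defaultDraw() {
        SecureRandom r = new SecureRandom();
        byte[] out = new byte[16];
        r.nextBytes(out);
        return out;
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        boolean seededRepeats = Arrays.equals(seededDraw(3L), seededDraw(3L));
        boolean defaultRepeats = Arrays.equals(defaultDraw(), defaultDraw());
        System.out.println("two instances seeded with 3L agree: " + seededRepeats);
        System.out.println("two self-seeded instances agree:    " + defaultRepeats);
        if (!seededRepeats || defaultRepeats) {
            throw new IllegalStateException("unexpected generator behaviour");
        }
    }
}
```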

References