Is DBMS_RANDOM considered dangerous?

Question

Is DBMS_RANDOM considered dangerous?

Our database team wants to cancel execution in DBMS_RANDOM from PUBLIC to solve security problems. If you use Google, some security experts consider the package to be dangerous, but cannot say why. Ingram and Shaul book "Oracle Practical Safety" states

... providing PUBLIC access to DBMS_RANDOM in environments where the function is used to generate a cryptographic key can compromise encrypted data ...

Oracle documentation says

DBMS_RANDOM is not intended for cryptography.

... and ...

DBMS_CRYPTO.RANDOMBYTES ... returns a RAW value containing a cryptographically secure pseudo-random byte sequence that can be used to generate random materials for encryption keys.

So, DMBS_RANDOM seems great for generating pseudo-random numbers (until you combine passwords with it). Why is it too dangerous for PUBLIC?

+7

security oracle

wolφi Jun 06 '13 at 19:36

source share

1 answer

Freedom_ben · Accepted Answer · 2013-06-06T22:59:32+0000

The reason DBMS_RANDOM should not be provided by PUBLIC when using it to generate a cryptographic key is because an attacker can use it to determine the initial values and / or patterns in generating keys that can be used to determine the key, the data is encrypted. This is why this can lead to a compromise of encrypted data. This, of course, is not an easy attack, but it is possible for someone with sufficient computing power.

DBMS_RANDOM should not be used for cryptography because it is too predictable. To generate a cryptographic key, you should use only a secure random function. These functions try to measure things like white noise and trigger values as randomly as possible.

Is DBMS_RANDOM considered dangerous?

More articles: