In my web service I need to generate passwords that are strong and can be represented as a string. Currently I use System.Security.Cryptography.RandomNumberGenerator and generate a large enough (let's just assume it is really large enough) array of random bytes and then encode it using base 64 and return that to the user.

This way I have a random password which is generated using a suitable-for-cryptography PRNG (not class Random, see this question for details on why class Random is not okay here) and which can be represented as a string and sent in an email, shown in an interface or typed in or copy-pasted by the user.

Is anything inherently wrong with this scheme from the security standpoint?

sharptooth
  • If you ensure that the password is transmitted securely between the web service and the user and back, then your scheme is secure. – dtb Apr 28 '12 at 15:13
  • @dtb: Of course, I can't ensure that at all times and I won't make any assumption about that. I'm asking only about the password construction process. – sharptooth Apr 28 '12 at 15:15
  • Base64 doesn't add or remove any security, if that's your question. But just using a suitable-for-cryptography PRNG doesn't make your scheme secure; you also need to think about how to transmit it to the user, how important it is that someone who shouldn't have a password doesn't get one, etc. – dtb Apr 28 '12 at 15:16

2 Answers

With regard to whether there is anything inherently wrong with this scheme from a security standpoint, I would consider sending a password via e-mail to be a security risk in itself. Even if the e-mail is encrypted when going down the wire, it's still going to be stored on a medium that you have no control over.

Plus, the types of passwords that you're generating will not get memorised by users, making them more likely to get written down on a sticky note, or something similar, for all to see.

Ivan Karajas

Both the Random and the RandomNumberGenerator classes are basically pseudo-random number generators and as they are based on algorithms, there is a limit as to how random their outputs can be.

But when compared to Random, the RandomNumberGenerator class is considered a cryptographically secure pseudorandom number generator, as it makes use of quite a few other environmental parameters (http://en.wikipedia.org/wiki/CryptGenRandom) for ensuring randomness. Some of the parameters are:

  • The current process ID
  • The current thread ID
  • The tick count since boot time
  • The current time
  • Various high-precision performance counters
  • An MD4 hash of the user's environment block
  • High-precision internal CPU counters

Do go through the following link which is an interesting read regarding randomness: http://www.codinghorror.com/blog/2006/11/computers-are-lousy-random-number-generators.html


For the purpose of normal usage scenarios such as generating passwords, as in your case, the use of the RandomNumberGenerator class is more than enough (http://msdn.microsoft.com/en-us/library/system.random.aspx):

"To generate a cryptographically secure random number suitable for creating a random password, for example, use a class derived from System.Security.Cryptography.RandomNumberGenerator such as System.Security.Cryptography.RNGCryptoServiceProvider."

Anil Mathew
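
Added example (not part of the original question or answers): a sketch of the scheme the question describes, drawing bytes from System.Security.Cryptography.RandomNumberGenerator and Base64-encoding them. The names PasswordGenerator, Generate and ToUrlSafe are hypothetical, and the 16-byte minimum is an assumption of this example, not a figure from the page.

```csharp
using System;
using System.Security.Cryptography;

static class PasswordGenerator
{
    // Assumed floor for this example: 16 bytes = 128 bits of CSPRNG output.
    const int MinBytes = 16;

    // Returns a Base64 string that encodes byteCount random bytes.
    // Base64 is a reversible encoding, so the password's strength is
    // byteCount * 8 bits; the encoding neither adds nor removes any.
    public static string Generate(int byteCount)
    {
        if (byteCount < MinBytes)
            throw new ArgumentOutOfRangeException(
                nameof(byteCount), "Too few random bytes for a password.");

        byte[] raw = new byte[byteCount];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(raw); // cryptographic RNG, not System.Random
        }
        return Convert.ToBase64String(raw);
    }

    // Standard Base64 uses '+', '/' and '=' which are awkward in URLs
    // (e.g. a link sent by email). This maps to the RFC 4648
    // URL-safe alphabet and strips the padding.
    public static string ToUrlSafe(string base64)
    {
        return base64.TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }

    static void Main()
    {
        // A multiple of 3 bytes encodes without '=' padding.
        string password = Generate(18);

        // Decoding recovers exactly the random bytes that were drawn.
        byte[] decoded = Convert.FromBase64String(password);

        Console.WriteLine(password);
        Console.WriteLine("{0} chars carry {1} random bits",
                          password.Length, decoded.Length * 8);
        Console.WriteLine(ToUrlSafe(password));
    }
}
```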