4

Java's stock Random libraries include Random and SecureRandom (and I see ThreadLocalRandom as well). Are there any others? When would I use each? Sometimes I use SecureRandom just to feel better about my simple numbers. It turns out that SecureRandom actually lets you pick your generator. How and when should I use this?

Finally, Java 8 provides SecureRandom.getInstanceStrong(). I am not sure what this is, but it's much slower than any of the previous. How and when should I use SecureRandom.getInstanceStrong()? Also, is it slow because the noise source is running out?

Simon Kuang

1 Answer

11

Random is predictable: you just need a small sequence of the generated numbers and you can walk both forward and backward through the sequence. See Inverse function of Java's Random function for an example of reversing the sequence.

SecureRandom is not.

ThreadLocalRandom is an attempt to fix the fact that Random is not thread safe.

Other forms of random are possible with different features - you will have to study the maths of random numbers to be able to balance between the ones you mentioned and any other algorithm.

SecureRandom getInstanceStrong() (note the Strong) seems to be an even stronger random sequence that is especially resilient to exposing long sequences.

Randomness

Randomness can be measured statistically - I won't go into detail here, there are loads of resources out there that explain how this can be done.

It is comparatively easy to think up an algorithm that generates a statistically random sequence. However, if you only attempt statistical randomness and expect it to be a good source for encrypting your data, you are mistaken. You might as well use:

```java
private static int lastRandom = 0;

public static int nextRandom() {
  return ++lastRandom;
}
```

The sequence generated will probably not pass the statistical tests for randomness but it would be about as predictable.

Predictability

This is a completely different mathematical problem far beyond a simple StackOverflow answer. If you want to generate a random number sequence that is not predictable at all you may as well use a Geiger counter or similar unpredictable hardware source. Have a look here for some interesting discussion.

Security

The problem is that a good encryption sequence must find the balance between making it difficult to reproduce while not making it impossible to reproduce. An impossible to reproduce sequence of random numbers is useless for encryption because you would never be able to reproduce the same sequence to decrypt.

Achieving difficult to reproduce without becoming impossible is the dream of cryptography. Again there are many resources but Wikipedia is, as usual, an excellent start.

Community
OldCurmudgeon
  • Why is `SecureRandom` not predictable? Isn't it a program/algorithm too? Nothing is really random (including the so-called _true_ random numbers). –  Apr 22 '14 at 21:45
  • 2
    @SujanSivagurunathan The two essential properties of a random number are that (1) it is fairly chosen, and (2) that you cannot predict in advance what it will be. Using cryptographic methods, one can generate a sequence of values which all satisfy those criteria. True, if one has access to the complete internal state of the generator, one can predict future output. But for a secure random number generator, it is extremely difficult to predict future outputs based on a record of past outputs. – AJMansfield Apr 22 '14 at 21:49
  • @AJMansfield Could it be that the more secure RNGs use more "real" randomness, i.e. noise? – Simon Kuang Apr 22 '14 at 21:55
  • @Simon Assuming no specialist hardware (or an Internet connection to a machine with specialist hardware) a computer has [no access to *any* true randomness](http://blog.codinghorror.com/computers-are-lousy-random-number-generators/), let alone *more* – Richard Tingle Apr 22 '14 at 22:03
  • "*a good encryption sequence must find the balance between making it difficult to reproduce while **not making it impossible to reproduce***" => not sure I understand that part: why would you want your random sequence to be reproducible? – assylias Apr 22 '14 at 23:27
  • @assylias - if you were reproducing the same sequence at the other end to decrypt the message. – OldCurmudgeon Apr 22 '14 at 23:59
  • @OldCurmudgeon I still don't get it - there are better ways to encrypt/decrypt than using a predictable random sequence, no? – assylias Apr 23 '14 at 00:18
  • 1
    @assylias - Yes - but the **best** way is to use a random sequence that is as near to a [one-time pad](http://en.wikipedia.org/wiki/One-time_pad) as possible because only a one-time pad is uncrackable. I accept that most modern algorithms would take the age of the universe to crack but they still do not beat the holy grail of the one-time pad. – OldCurmudgeon Apr 23 '14 at 07:46
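
An added example, not part of the original question, answer or comments: it shows why `Random` output must not be used for secrets by rebuilding a generator's state from two consecutive `nextInt()` values, then draws a token from the default `SecureRandom` instead. The class and method names (`RandomChoiceDemo`, `continueFrom`, `newToken`) are hypothetical; the constants are the ones the `java.util.Random` Javadoc specifies for its linear congruential generator.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Random;

public class RandomChoiceDemo {
    // LCG parameters documented for java.util.Random (48-bit state).
    private static final long MULT = 0x5DEECE66DL, ADD = 0xBL, MASK = (1L << 48) - 1;

    /** Returns a Random that continues the sequence after two observed nextInt() values. */
    static Random continueFrom(int first, int second) {
        long high = (first & 0xFFFFFFFFL) << 16;        // nextInt() exposes the top 32 of 48 state bits
        for (long low = 0; low < (1L << 16); low++) {   // only 16 state bits stay hidden
            long next = ((high | low) * MULT + ADD) & MASK;
            if ((int) (next >>> 16) == second) {
                return new Random(next ^ MULT);         // the constructor XORs its seed with MULT
            }
        }
        throw new IllegalArgumentException("values are not consecutive nextInt() outputs");
    }

    /** 128-bit URL-safe token; anything that must stay secret should come from SecureRandom. */
    static String newToken(SecureRandom rng) {
        byte[] buf = new byte[16];
        rng.nextBytes(buf);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(buf);
    }

    public static void main(String[] args) {
        Random weak = new Random();                     // seed is unknown to the observer
        int a = weak.nextInt(), b = weak.nextInt();     // the only two values "leaked"
        Random copy = continueFrom(a, b);
        for (int i = 0; i < 5; i++) {
            int actual = weak.nextInt(), predicted = copy.nextInt();
            System.out.printf("actual=%11d predicted=%11d match=%b%n",
                    actual, predicted, actual == predicted);
        }

        SecureRandom secure = new SecureRandom();       // platform default, seeds itself
        System.out.println("SecureRandom algorithm: " + secure.getAlgorithm());
        System.out.println("token: " + newToken(secure));
    }
}
```

The same reasoning applies to `ThreadLocalRandom`, which is also not a cryptographic generator: keep both for simulations, shuffles and jitter, and use `SecureRandom` for keys, tokens, salts and nonces.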