How to generate a key with seed?

Question

I need to generate a key to my algorithm with a seed (byte array). This code doesn't work, because it's give 2 different results on different platforms:

byte seed [] = {50,30,...};
byte result [] = new byte [20];
SecureRandom rand = new SecureRandom();
rand.setSeed(seed);
rand.nextBytes(result);

I need to get the same results on different platforms.

OK, so you are saying you can run twice from eclipse and get same result? Or twice from studio and get same results? — weston, May 12 '15 at 08:01
if i run twice from eclipse it's give the same results, and if i run from studio it give the same results, but results from eclipse and studio are not equal — ilja, May 12 '15 at 08:05
sorry, don't understand. I use Eclipse Luna and Android Studio 1.2 — ilja, May 12 '15 at 08:08
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/77584/discussion-between-ilja-and-weston). — ilja, May 12 '15 at 08:09

score 0 · Answer 1 · answered May 12 '15 at 08:00

0

Use the SHA1PRNG algorithm istead of NativePRNG.

SecureRandom rand = SecureRandom.getInstance("SHA1PRNG");
rand.setSeed(seed);
rand.nextBytes(result);

answered May 12 '15 at 08:00

Veselin Davidov

7,031
1
15
23

i tried this but it also give differents results :( – ilja May 12 '15 at 08:01
hmm according to this: http://www.moi.vonos.net/java/securerandom/ the SHA1PRNG should be platform independant – Veselin Davidov May 12 '15 at 08:01
why don't you use hashing algorithm instead of random algorithm for generating a key? This way you will get the same results with the same seed and it will not be reversable. – Veselin Davidov May 12 '15 at 08:04

score 0 · Answer 2 · edited May 23 '17 at 11:59

Always specify the exact PRNG and provider that you wish to use. If you just use the default PRNG, you may end up with different PRNGs on different installations of your application that may need to be called differently in order to work properly. Using the following code to get a PRNG instance is appropriate:

SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", "SUN");

See https://www.cigital.com/justice-league-blog/2009/08/14/proper-use-of-javas-securerandom/

Also see this: Android 4.2 broke my encrypt/decrypt code and the provided solutions don't work

Which suggests this might work for android:

SecureRandom secrand = SecureRandom.getInstance("SHA1PRNG", "Crypto");

How to generate a key with seed?

2 Answers2