Questions tagged [secure-random]

SecureRandom is a Java class that provides a cryptographically strong random number generator (RNG).

A cryptographically strong random number minimally complies with the statistical random number generator tests specified in FIPS 140-2, Security Requirements for Cryptographic Modules, section 4.9.1. Additionally, SecureRandom must produce non-deterministic output. Therefore any seed material passed to a SecureRandom object must be unpredictable, and all SecureRandom output sequences must be cryptographically strong, as described in RFC 1750: Randomness Recommendations for Security.

http://docs.oracle.com/javase/7/docs/api/java/security/SecureRandom.html

84 questions

votes

2 answers

How to generate a SecureRandom string of length n in Java?

I'm generating a random string using: private String generateSafeToken() { SecureRandom random = new SecureRandom(); byte bytes[] = new byte[512]; random.nextBytes(bytes); return bytes.toString(); } This gives a string of length 11…

java secure-random

asked Sep 17 '17 at 05:36

kovac

4,945
9
47
90

votes

4 answers

UUID.randomUUID() vs SecureRandom

I am trying to understand the advantages of using UUID.randomUUID() over SecureRandom generator as the former uses securerandom internally.

java uuid secure-random

asked Sep 30 '16 at 08:24

User3518958

votes

3 answers

Does the Android implementation of SecureRandom produce true random numbers?

I have read that, generally, some implementations of SecureRandom may produce true random numbers. In particular, the Android docs say instances of this class will generate an initial seed using an internal entropy source, such as /dev/urandom but…

java android random secure-random

asked Sep 12 '14 at 21:28

ban-geoengineering

18,324
27
171
253

votes

2 answers

Reusing java.util.Random instance vs creating a new instance every time

The title pretty much summarizes it - we can create one instance of java.util.Random (or SecureRandom) and use it every time we need a random value or we can create a new instance every time on demand. Wondering which one is the preferred way and…

java multithreading performance random secure-random

asked Oct 16 '18 at 15:03

khachik

28,112
9
59
94

votes

1 answer

Java: How do I set the nonce when using DRBG SecureRandom?

Java 9 introduced a new SecureRandom called DRBG. I want to use it to deterministically generate random numbers. The problem is that it uses a nonce internally which it always changes, so I don't get the same numbers for the same seeds. It does have…

java random cryptography secure-random

asked Jun 18 '18 at 10:28

Lazar Petrovic

votes

2 answers

What's the best way to create a "good" SecureRandom?

There are a lot of questions asking if a specific initiation of SecureRandom is "good", but I couldn't find a rule of thumb. What's the best way to create a "good" random SecureRandom? // Fast // Is it a good random? SecureRandom secureRandom = new…

java security random-seed java-security secure-random

asked Nov 29 '16 at 09:59

AlikElzin-kilaka

34,335
35
194
277

votes

3 answers

SecureRandom provider "Crypto" unavailable in Android N for deterministially generating a key

Users can purchase a "Pro" version of my app. When they do, I store and verify their purchase as follows. Combine the user's UUID and another unique string. The resulting string is then encrypted using a static seed. I do this using…

android random cryptography android-7.0-nougat secure-random

asked Apr 23 '16 at 16:01

NSouth

5,067
7
48
83

votes

4 answers

Generating random number of length 6 with SecureRandom in Ruby

I tried SecureRandom.random_number(9**6) but it sometimes returns 5 and sometimes 6 numbers. I'd want it to be a length of 6 consistently. I would also prefer it in the format like SecureRandom.random_number(9**6) without using syntax like…

ruby ruby-on-rails-5 rspec-rails secure-random

asked May 17 '17 at 17:20

gogofan

votes

1 answer

SecureRandom is unreasonably slow or freezes the system

A java application does something like this: SecureRandom random = new SecureRandom(); for(int i=0;i<12;i++){ random.nextInt(19); } At random.nextInt() the java freezes for several minutes, seems it hangs indefinitely. The weird part is that the…

java jenkins random freeze secure-random

asked Jan 19 '22 at 10:21

Micó Papp

votes

1 answer

Should I initialize the SecureRandom for my BCryptPasswordEncoder with a seed?

I am just doing a code review of a co-workers task and came across the following lines of code (he was implementing a Spring Security based login system). @Bean public PasswordEncoder passwordEncoder(){ return new…

java spring-security bcrypt secure-random

asked Oct 05 '16 at 12:17

Tim

votes

1 answer

SecureRandom stream weird behavior with multiple threads

I'm trying to generate random values using SecureRandom, specifically its support of streams. Ideally the values should be generated on a constant basis, so the stream could be infinite: SecureRandom secureRandom = new…

java multithreading stream thread-safety secure-random

asked Dec 02 '20 at 11:29

M A

71,713
13
134
174

votes

0 answers

Java /dev/urandom configuration

Whenever I look up switching Java to using /dev/urandom from /dev/random most sources mention it should be specified as /dev/./urandom as a workaround for a bug in Java. I wonder if this still necessary for Java 8 and up. Bug description references…

java secure-random

asked Dec 20 '18 at 16:01

oᴉɹǝɥɔ

1,796
1
18
31

votes

2 answers

Where can I get a reliable source of entropy (real randomness byte[])?

Currently, I'm looking for a way to increase the quality of randomness in my Android application (a card game). Previously, it was estimated that for my situation (52! permutation) at least 226 bits of entropy (226 random bits) are needed.. I'm…

java android random random-seed secure-random

asked Aug 10 '18 at 13:15

Sergey Emeliyanov

5,158
6
29
52

votes

1 answer

How to generate all possible 64 bit random values in java?

Does Java SecureRandom.nextLong() return all possible values given it inherits from Random which uses only 48 bits? If not, can I still do it in Java maybe by modifying the Random class and how to do it? I just want to use an all random long number…

java random generator long-integer secure-random

asked Aug 05 '18 at 17:09

mj1261829

1,200
3
26
53

votes

2 answers

Should I periodically reSeed SecureRandom or it occurs automatically?

We are using SecureRandom as follows (using Java8): import java.security.SecureRandom; private SecureRandom random = new SecureRandom(); The algorithm being used is NativePRNG. Should we seed periodically? as it's written that NativePRNG is…

java security random secure-random

asked Jul 25 '17 at 08:55

rayman

20,786
45
148
246

2 3 4 5 6 Next