I have read that, generally, some implementations of SecureRandom may produce true random numbers.
In particular, the Android docs say
instances of this class will generate an initial seed using an internal entropy source, such as
/dev/urandom
but does that mean it will produce true random numbers (i.e., rather than pseudo-random numbers)?
And if I use SecureRandom
in Android in this manner...
SecureRandom sr = new SecureRandom();
...will I get a truly random output whenever I call sr.nextBoolean()
?
Or is the output likely to be more (or less?) random if I, instead, obtain output by doing this each time:
new SecureRandom().nextBoolean()
?
A cryptographically secure number random generator, as you might use for generating encryption keys, works by gathering entropy - that is, unpredictable input - from a source which other people can't observe.
Random class has only 48 bits where as SecureRandom can have upto 128 bits which makes the probability of repeating in SecureRandom are smaller. Due to this also the number of attempts to break Random number prediction comes to 2^48 while that of SecureRandom number is 2^128 which again makes it more secure.
Generates an integer containing the user-specified number of pseudo-random bits (right justified, with leading zeros). This method overrides a java. util. Random method, and serves to provide a source of random bits to all of the methods inherited from that class (for example, nextInt , nextLong , and nextFloat ).
No, a SecureRandom instance does not guarantee unique results.
"True" and "pseudorandom" random numbers mean a lot of different things to different people. It's best to avoid those.
/dev/urandom
got a bad rep because people do not understand the differences between it and /dev/random
(much, much less difference than you would expect).
If you're asking whether seeding by /dev/urandom
might compromise the fitness of SecureRandom
to use it for cryptographic purposes, the answer is a resounding "no".
If you've got some time you might want to read my essay about the whole issue.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With