Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Should I prefer ThreadLocalRandom or SecureRandom?

Tags:

java

security

random

I know that Random class generates insecure random sequences and I should prefer using SecureRandom when dealing with security. But what about ThreadLocalRandom? Is it more or less secure?

// generate a five-digit numeric confirmation code
Long code = ThreadLocalRandom.current().nextLong(1, 99999);
like image 988
naXa Avatar asked Jun 12 '17 14:06

naXa

People also ask

When to use ThreadLocalRandom in Java?

Use of ThreadLocalRandom is particularly appropriate when multiple tasks (for example, each a ForkJoinTask ) use random numbers in parallel in thread pools. Usages of this class should typically be of the form: ThreadLocalRandom. current().

How does ThreadLocalRandom work?

A ThreadLocalRandom is initialized using an internally generated seed value that is not otherwise modifiable. Using ThreadLocalRandom instead of shared instances of Random will result in low contention and overhead. ThreadLocalRandom, just like its parent class, is not cryptographically secure.

1 Answers

As described in its javadoc, ThreadLocalRandom is similar to Random (i.e. not secure) but with better performance in case of concurrent access.

Instances of ThreadLocalRandom are not cryptographically secure. Consider instead using SecureRandom in security-sensitive applications.

like image 89
assylias Avatar answered Sep 19 '22 02:09

assylias
Sign in to Comment

Related questions

How to compare lists of custom classes without defining equals() and hashCode()?
Trying to mock RestTemplate with MockRestServiceServer but body is always null
How to create dynamic variables in Java?
package structure in Spring,Entity vs Model vs Controller
attribute references not allowed in lexer actions
How to convert the values of a Map of List to a single List
@Autowired objects are null only when testing
Google Maps Utils how to decode polylines values from list?
how to rotate marker(bus) according to direction?
spring jpa - At least one JPA metamodel must be present*
Unable to instantiate application: java.lang.ClassNotFoundException:
LocalDate minus a Period get wrong result
JPA many-to-many relationship causing infinite recursion and stack overflow error
Tensorflow model import to Java
Cipher.getInstance() and Cipher.getInit() for each message in case of random IV for AES encryption
Getting indexes of maximum number in array
H2 Embedded database not picking up properties during test on spring boot
Single role multiple IP addresses in Spring Security configuration
JavaFx Controller: detect when stage is closing
Firebase No properties to serialize found with object in release mode

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!