mercredi 24 décembre 2014

Repetitive usage of Java's SecureRandom

I'm a little bit confused about the usage of SecureRandom. I need to generate n random numbers in a loop. Is it secure to use the same SecureRandom instance for each generation? Are there any difference between the solutions below in terms of cryptographic strength?


1) Single instance without seeding



SecureRandom sr = new SecureRandom();
for(int i = 0; i < n; ++i) sr.nextInt();


2) New instance for each generation



for(int i = 0; i < n; ++i) new SecureRandom().nextInt();


3) Single instance with seeding



SecureRandom sr = new SecureRandom()
for(int i = 0; i < n; ++i) {
byte[] seed = sr.generateSeed(32);
sr.setSeed(seed);
sr.nextInt();
}




Aucun commentaire:

Enregistrer un commentaire