It is known that SecureRandom class provide strong cryptographic security for generated random number. java.util.Random is insecure for the situation which requires cryptographic security. The typical usage of SecureRandom is:
SecureRandom random = new SecureRandom();
byte bytes[] = new byte[20];
random.nextBytes(bytes);
However, I met a case:
SecureRandom random = new SecureRandom();
int number = random.ints();
The method ints() is inherited from the java.util.Random class. I am confused when SecureRandom which is a secure random number generator uses a method inherited from the insecure random number generator, whether it is secure?
Aucun commentaire:
Enregistrer un commentaire