
2.2  The SecureRandom Engine

The ability to build cryptographically secure pseudo-random number generators (CSPRNG) is crucial. To meet this demand, the JCA includes an engine capable of serving up CSPRNG algorithms. True to its engine form, it implements the standard pair of engine factory methods, for example:

SecureRandom csprng = SecureRandom.getInstance("SHA1PRNG");

Actual random number generation cannot occur until after the engine initializes its internal state, a step known as establishing a seed value. Think of the seed value as the "starting point" of random number generation. Programmatically, you can establish the seed value by invoking the setSeed(long seed) method immediately after obtaining the CSPRNG instance from the factory method:

csprng.setSeed(31592712351L); // Fingers Pounding Keyboard Number (the L suffix is required for a long literal)

Extracting random bytes from the CSPRNG is done with a call to the nextBytes(byte[] output) method. The larger the byte[] passed to the method, the more random bytes the CSPRNG yields.

Of particular note, additional calls to the setSeed(long seed) method after extracting one or more random byte arrays are supplemental in nature. In other words, the original seed value is not replaced but supplemented, in an attempt to ensure that repeated calls avoid deterministic sequences (patterns) in the generated random values. A deterministic algorithm is an algorithm with no elements of chance, where the result is well determined and nonrandom[6]. Thus, a deterministic algorithm is not well suited for our cryptographic activities because an attacker could potentially determine the sequence of bytes used in the secret key.
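The ordering effect described above, as an added example (not code from the book): it compares seeding before the first draw with seeding after one, assuming the SUN provider's SHA1PRNG shipped with OpenJDK, where a seed supplied before the first nextBytes call is the generator's only input. The class name SeedDemo, its helper methods and the sample seed are constructed for illustration.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

public class SeedDemo {
    // Constructed sample seed; any fixed or guessable value behaves the same way.
    static final long FIXED_SEED = 31592712351L;

    // Seed first, then draw. Assumption: SUN provider SHA1PRNG, where this
    // seed becomes the generator's entire initial state.
    static byte[] seedThenDraw(long seed) throws NoSuchAlgorithmException {
        SecureRandom r = SecureRandom.getInstance("SHA1PRNG");
        r.setSeed(seed);
        byte[] out = new byte[16];
        r.nextBytes(out);
        return out;
    }

    // Draw first, which forces the engine to seed itself from the platform
    // entropy source, then add the same seed: it supplements the state.
    static byte[] drawThenSeed(long seed) throws NoSuchAlgorithmException {
        SecureRandom r = SecureRandom.getInstance("SHA1PRNG");
        r.nextBytes(new byte[1]);
        r.setSeed(seed);
        byte[] out = new byte[16];
        r.nextBytes(out);
        return out;
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Two independent instances, same seed, seeded before any output.
        boolean repeats = Arrays.equals(seedThenDraw(FIXED_SEED), seedThenDraw(FIXED_SEED));
        // Two independent instances, same seed, seeded after self-seeding.
        boolean differs = !Arrays.equals(drawThenSeed(FIXED_SEED), drawThenSeed(FIXED_SEED));
        System.out.println("seed-then-draw output repeats across instances: " + repeats);
        System.out.println("draw-then-seed output differs across instances: " + differs);

        // For key material, let the platform seed the generator.
        byte[] key = new byte[32];
        new SecureRandom().nextBytes(key);
        System.out.println("drew " + key.length + " key bytes from a self-seeded SecureRandom");
    }
}
```

For key material, the last three lines of main are the pattern to follow: construct the generator, let it seed itself, and use setSeed only to mix in additional entropy afterwards.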

It is worth noting that the java.lang.Math class contains a random() method. This method is not suitable for cryptographic operations because it uses a deterministic algorithm. The JavaDocs on the function indicate that the pseudo-random values are uniformly distributed between 0.0 and 1.0. True randomness is never uniformly distributed. The speed at which someone types on a keyboard over a period of time and the vibrations of a building as traffic rushes by are each truly random and not uniform in nature. Uniformity only helps strengthen the position of the cryptanalyst. Those interested in reading more about the generation of random numbers and nondeterministic algorithms should review the classic work on the topic, Donald Knuth's The Art of Computer Programming, Volume 2 (Boston: Addison-Wesley, 1997), Chapter 3, "Random Numbers."
