isn’t securely random

Chinese translation: 随机性没有那么可靠

Login or register (free and only takes a few minutes) to participate in this question.

You will also have access to many other tools and opportunities designed for those who have language-related jobs (or are passionate about them). Participation is free and the site has a strict confidentiality policy.

03:10 Apr 13, 2018
English to Chinese translations [PRO]
Tech/Engineering - IT (Information Technology) / security
English term or phrase: isn’t securely random
JavaScript SecureRandom() isn’t securely random — many old web wallets affected — and the bug was warned of five years ago (UPDATED)
原文出处:
https://davidgerard.co.uk/blockchain/2018/04/11/javascript-s...
JavaScript SecureRandom()并不是安全随机的?
啥意思?
clearwater
China
Local time: 16:49
Chinese translation:随机性没有那么可靠
Explanation:
就是还可以找到其中的规律(漏洞),不是真正随机的
Selected response from:

Li Xiaojie
China
Local time: 16:49
Grading comment
谢谢!
4 KudoZ points were awarded for this answer



Summary of answers provided
5FYI
jyuan_us
4 +1随机性没有那么可靠
Li Xiaojie
4 +1不具有安全的随机性
Patrick Cheng


  

Answers


51 mins   confidence: Answerer confidence 4/5Answerer confidence 4/5 peer agreement (net): +1
不具有安全的随机性


Explanation:
这是说JavaScript脚本语言的SecureRandom()函数有问题,得到的结果不是真正的安全随机数,但已经被很多的加密币使用,所以造成隐患。

Patrick Cheng
United States
Local time: 02:49
Works in field
Native speaker of: Native in ChineseChinese
PRO pts in category: 838

Peer comments on this answer (and responses from the answerer)
agree  Jiaying Ma
2 hrs
Login to enter a peer comment (or grade)

1 hr   confidence: Answerer confidence 4/5Answerer confidence 4/5 peer agreement (net): +1
随机性没有那么可靠


Explanation:
就是还可以找到其中的规律(漏洞),不是真正随机的

Li Xiaojie
China
Local time: 16:49
Specializes in field
Native speaker of: Chinese
PRO pts in category: 125
Grading comment
谢谢!

Peer comments on this answer (and responses from the answerer)
agree  Frank Wang: 随机性不可靠。OR:不能可靠地随机化。securely 有可靠,让人放心的意思。
5 hrs
Login to enter a peer comment (or grade)

13 hrs   confidence: Answerer confidence 5/5
FYI


Explanation:
JavaScript SecureRandom() 的随机性的安全程度不高。

“securely”的“安全性”的本意没变。根据下列参考,SecureRandom 是比 Random的安全级别更到的随机方式。一个通俗但形象的比喻是: 你从50 个号码中随机抽取5个和你从100个号码中随机抽取5个,显然前者的安全性没有后者高,前者更容易被破解。前者就是 Random,后者就是Securely Random。

并不是说Random不安全,而是说Securely Random更安全。

Random vs SecureRandom

Size: A Random class has only 48 bits where as SecureRandom can have upto 128 bits. So the chances of repeating in SecureRandom are smaller.
Seed Generation: Random uses the system clock as the seed/or to generate the seed. So they can be reproduced easily if the attacker knows the time at which the seed was generated. But SecureRandom takes Random Data from your OS (they can be interval between keystrokes etc – most OS collect these data and store them in files – /dev/random and /dev/urandom in case of linux/solaris) and use that as the seed.
Breaking the code: In case of random, just 2^48 attempts are required, with today’s advanced cpu’s it is possible to break it in practical time. But for securerandom 2^128 attempts will be required, which will take years and years to break even with today’s advanced machines.
Generating Function: The standard Oracle JDK 7 implementation uses what’s called a Linear Congruential Generator to produce random values in java.util.Random. SecureRandom implementations are in the form of a pseudo-random number generator (PRNG), which means they use a deterministic algorithm to produce a pseudo-random sequence from a true random seed. Other implementations may produce true random numbers, and yet others may use a combination of both techniques.
Security: Consequently, the java.util.Random class must not be used either for security-critical applications or for protecting sensitive data.

jyuan_us
United States
Local time: 04:49
Native speaker of: Native in ChineseChinese
PRO pts in category: 1923
Login to enter a peer comment (or grade)



KudoZ™ translation help

The KudoZ network provides a framework for translators and others to assist each other with translations or explanations of terms and short phrases.


See also:

Your current localization setting

English

Select a language

Term search
  • All of ProZ.com
  • Term search
  • Jobs
  • Forums
  • Multiple search