Login or register (free and only takes a few minutes) to participate in this question.
You will also have access to many other tools and opportunities designed for those who have language-related jobs (or are passionate about them). Participation is free and the site has a strict confidentiality policy.
03:10 Apr 13, 2018
English to Chinese translations [PRO] Tech/Engineering - IT (Information Technology) / security
Size: A Random class has only 48 bits where as SecureRandom can have upto 128 bits. So the chances of repeating in SecureRandom are smaller.
Seed Generation: Random uses the system clock as the seed/or to generate the seed. So they can be reproduced easily if the attacker knows the time at which the seed was generated. But SecureRandom takes Random Data from your OS (they can be interval between keystrokes etc – most OS collect these data and store them in files – /dev/random and /dev/urandom in case of linux/solaris) and use that as the seed.
Breaking the code: In case of random, just 2^48 attempts are required, with today’s advanced cpu’s it is possible to break it in practical time. But for securerandom 2^128 attempts will be required, which will take years and years to break even with today’s advanced machines.
Generating Function: The standard Oracle JDK 7 implementation uses what’s called a Linear Congruential Generator to produce random values in java.util.Random. SecureRandom implementations are in the form of a pseudo-random number generator (PRNG), which means they use a deterministic algorithm to produce a pseudo-random sequence from a true random seed. Other implementations may produce true random numbers, and yet others may use a combination of both techniques.
Security: Consequently, the java.util.Random class must not be used either for security-critical applications or for protecting sensitive data.
jyuan_us United States Local time: 00:11 Native speaker of: Chinese PRO pts in category: 1750