Pseudo Random Number Generator

Tags

, ,

links:
https://www.veracode.com/blog/research/cryptographically-secure-pseudo-random-number-generator-csprng
https://tersesystems.com/blog/2015/12/17/the-right-way-to-use-securerandom/
https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SecureRandom
https://stackoverflow.com/questions/27622625/securerandom-with-nativeprng-vs-sha1prng

summary:
– java and linux has a config in java.security called “strongAlgorithm”, securerandom.strongAlgorithms=NativePRNGBlocking:SUN (default on redhat)
– this code is retrieving from this config,
SecureRandom strongRNG = SecureRandom.getInstanceStrong() ;
– there is blocking /dev/random and non-blocking /dev/urandom
– rngd is a possible workaround to mitigate blocking PRNG from blocking
– on windows, SHA1PRNG is the default so seldom seeing blocking
 

Advertisements