Reputation: 38930
I am planning to implement the MersenneTwister algorithm for random generation. Since it is not secure, I am looking to set a seed derived from SecureRandom:
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
// Assumed: the MersenneTwister(int[] seed) constructor of Apache Commons Math; the question does not name the library.
import org.apache.commons.math3.random.MersenneTwister;

// getInstance throws the checked NoSuchAlgorithmException, so the enclosing method must declare or catch it.
SecureRandom secureRandomGenerator = SecureRandom.getInstance("SHA1PRNG");
int seedSize = 100;
int[] seed = new int[seedSize];
for (int i = 0; i < seedSize; i++) {
    seed[i] = secureRandomGenerator.nextInt(Integer.MAX_VALUE);
}
MersenneTwister randomGenerator = new MersenneTwister(seed); // declared here; the original left it undeclared
I have two queries:
1) Is setting a seed to SHA1PRNG a bad idea or a good idea?
2) If it is a good idea, what is the best way to set the seed for SHA1PRNG to improve unpredictability?
Upvotes: 0
Views: 440
Reputation: 100249
I think if it's just the seed, you are using it only once per application launch, so it's not a big security problem. Any good secure random algorithm (including SHA1PRNG) would be fine for the seed. The most problematic place is the Mersenne twister itself. At least its original implementation is not secure regardless of the seed source, as stated in Wikipedia:
The algorithm in its native form is not cryptographically secure. The reason is that observing a sufficient number of iterations (624 in the case of MT19937, since this is the size of the state vector from which future iterations are produced) allows one to predict all future iterations.
Thus, regardless of the seed source, the Mersenne twister can be compromised if an attacker manages to get enough numbers from it.
Upvotes: 3
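The claim in the answer above (624 observed outputs determine every future output, whatever the seed) can be checked directly. The following is an added demonstration, not code from the question, the answer or any library the question uses; it uses Python's random module because CPython's generator is MT19937 with the same tempering constants as the original algorithm, so the verifier can run it, and it seeds the "victim" generator from os.urandom to mirror the SecureRandom-seeding idea in the question. The helper names (temper, untemper, clone_from_outputs, seed_does_not_help) are this example's own.

```python
import os
import random

N = 624  # MT19937 state size: the number of outputs that expose the whole state


def temper(y):
    """MT19937 output tempering, applied to one 32-bit state word."""
    y ^= y >> 11
    y ^= (y << 7) & 0x9D2C5680
    y ^= (y << 15) & 0xEFC60000
    y ^= y >> 18
    return y & 0xFFFFFFFF


def _undo_rshift_xor(z, shift):
    # Invert y ^= y >> shift: the top `shift` bits are untouched, so
    # recover from the most significant bit downwards.
    y = 0
    for i in range(31, -1, -1):
        bit = (z >> i) & 1
        if i + shift < 32:
            bit ^= (y >> (i + shift)) & 1
        y |= bit << i
    return y


def _undo_lshift_xor_mask(z, shift, mask):
    # Invert y ^= (y << shift) & mask: the low `shift` bits are untouched,
    # so recover from the least significant bit upwards.
    y = 0
    for i in range(32):
        bit = (z >> i) & 1
        if i >= shift:
            bit ^= ((y >> (i - shift)) & 1) & ((mask >> i) & 1)
        y |= bit << i
    return y


def untemper(z):
    """Recover the state word from one tempered 32-bit output (inverse of temper)."""
    z ^= z >> 18                      # shift >= 16: the operation is its own inverse
    z ^= (z << 15) & 0xEFC60000       # mask bits 15 and 16 are clear, so again self-inverse
    z = _undo_lshift_xor_mask(z, 7, 0x9D2C5680)
    z = _undo_rshift_xor(z, 11)
    return z & 0xFFFFFFFF


def clone_from_outputs(outputs):
    """Build a generator in the same state as the one that produced 624 consecutive outputs."""
    if len(outputs) != N:
        raise ValueError("exactly %d consecutive 32-bit outputs are required" % N)
    state = tuple(untemper(o) for o in outputs)
    clone = random.Random()
    # random.setstate takes (version, 624 state words + index, gauss_next).
    # Index N means "twist before the next output", exactly where the
    # observed generator is after emitting a full block of 624 words.
    clone.setstate((3, state + (N,), None))
    return clone


def seed_does_not_help(seed, lookahead=8):
    """Seed the victim from `seed`, observe 624 outputs, and check that the
    clone predicts the next `lookahead` outputs. Returns True on a full match."""
    victim = random.Random(seed)
    observed = [victim.getrandbits(32) for _ in range(N)]
    clone = clone_from_outputs(observed)
    predicted = [clone.getrandbits(32) for _ in range(lookahead)]
    actual = [victim.getrandbits(32) for _ in range(lookahead)]
    return predicted == actual


if __name__ == "__main__":
    # A 256-bit seed from the OS CSPRNG (the analogue of seeding from SecureRandom)
    # does nothing to stop the prediction.
    strong_seed = int.from_bytes(os.urandom(32), "big")
    print("prediction succeeded with CSPRNG seed:", seed_does_not_help(strong_seed))
```

The defender's takeaway matches the answer: seed quality only matters against an attacker who never sees the output stream. Once 624 consecutive 32-bit outputs are visible, the state is fully recovered, so a Mersenne twister is only appropriate for simulations and similar non-adversarial uses; values that must be unpredictable (tokens, keys, nonces) should come straight from the CSPRNG (SecureRandom in Java, secrets in Python) rather than from an MT seeded by it.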