当前位置:网站首页>SecureRandom那些事|真伪随机数
SecureRandom那些事|真伪随机数
2022-07-05 19:46:00 【步尔斯特】
前面的几篇文章,介绍了随机数的几种生成方式,那么什么是伪随机数呢?
所谓伪随机数,是指只要给定⼀个初始的种⼦,产⽣的随机数序列是完全⼀样的。
for (int i = 0; i < 10; i++) {
Random random = new Random(123);
int randomValue = random.nextInt(10);
System.out.println(randomValue);
}
当我们初始化Random不给定种子的时候,会默认给定当前的时间作为种子。
/** * Creates a new random number generator. This constructor sets * the seed of the random number generator to a value very likely * to be distinct from any other invocation of this constructor. */
public Random() {
this(seedUniquifier() ^ System.nanoTime());
}
跟踪
* @return the current value of the running Java Virtual Machine's
* high-resolution time source, in nanoseconds
* @since 1.5
*/
public static native long nanoTime();
那么,什么是真随机数呢?
真正的真随机数只能通过量⼦⼒学原理来获取,⽽我们想要的是⼀个不可预测的安全的随机
数,SecureRandom就是⽤来创建安全的随机数的:
SecureRandom sr = new SecureRandom();
System.out.println(sr.nextInt(100));
SecureRandom⽆法指定种⼦,它使⽤RNG(random number generator)算法。JDK的SecureRandom实际上有多种不同的底层实现,有的使⽤安全随机种⼦加上伪随机数算法来产⽣安全的随机数,有的使⽤真正的随机数⽣成器。
实际使⽤的时候,可以优先获取⾼强度的安全随机数⽣成器,如果没有提供,再使⽤普通等级的安全随机数⽣成器:
import java.util.Arrays;
import java.security.SecureRandom;
import java.security.NoSuchAlgorithmException;
public class Main {
public static void main(String[] args) {
SecureRandom sr = null;
try {
// 获取⾼强度安全随机数⽣成器
sr = SecureRandom.getInstanceStrong();
} catch (NoSuchAlgorithmException e) {
// 获取普通的安全随机数⽣成器
sr = new SecureRandom();
}
}
SecureRandom的安全性是通过操作系统提供的安全的随机种⼦来⽣成随机数。
这个种⼦是通过CPU的热噪声、读写磁盘的字节、⽹络流量等各种随机事件产⽣的“熵”。
在密码学中,安全的随机数⾮常重要。如果使⽤不安全的伪随机数,所有加密体系都将被攻破。
因此,时刻牢记必须使⽤SecureRandom来产⽣安全的随机数。
边栏推荐
- 使用easyexcel模板导出的两个坑(Map空数据列错乱和不支持嵌套对象)
- [untitled]
- 安卓面试宝典,2022Android面试笔试总结
- Common operators and operator priority
- The binary string mode is displayed after the value with the field type of longtext in MySQL is exported
- S7-200smart uses V90 Modbus communication control library to control the specific methods and steps of V90 servo
- gst-launch的-v参数
- 线程池参数及合理设置
- 【C语言】字符串函数及模拟实现strlen&&strcpy&&strcat&&strcmp
- Fundamentals of deep learning convolutional neural network (CNN)
猜你喜欢
MMO項目學習一:預熱
How to apply smart contracts more wisely in 2022?
What does software testing do? What are the requirements for learning?
Hiengine: comparable to the local cloud native memory database engine
How to realize the Online timer and offline timer in the game
Summer Challenge database Xueba notes, quick review of exams / interviews~
Oracle fault handling: ora-10873:file * needs to be either taken out of backup or media recovered
建议收藏,我的腾讯Android面试经历分享
[hard core dry goods] which company is better in data analysis? Choose pandas or SQL
ACM getting started Day1
随机推荐
国信证券在网上开户安全吗?
Mysql如何对json数据进行查询及修改
通配符选择器
Reptile exercises (II)
Two pits exported using easyexcel template (map empty data columns are disordered and nested objects are not supported)
Redis cluster simulated message queue
How to apply smart contracts more wisely in 2022?
The binary string mode is displayed after the value with the field type of longtext in MySQL is exported
全网最全的低代码/无代码平台盘点:简道云、伙伴云、明道云、轻流、速融云、集简云、Treelab、钉钉·宜搭、腾讯云·微搭、智能云·爱速搭、百数云
S7-200SMART利用V90 MODBUS通信控制库控制V90伺服的具体方法和步骤
JAD installation, configuration and integration idea
Bitcoinwin (BCW)受邀参加Hanoi Traders Fair 2022
How to choose the notion productivity tools? Comparison and evaluation of notion, flowus and WOLAI
PG basics -- Logical Structure Management (user and permission management)
Using repositoryprovider to simplify the value passing of parent-child components
How to safely and quickly migrate from CentOS to openeuler
JMeter 常用的几种断言方法,你会了吗?
Force buckle 729 My schedule I
再忙不能忘安全
Do you know several assertion methods commonly used by JMeter?