31 lines
1.3 KiB
Markdown
31 lines
1.3 KiB
Markdown
## java.util.Random
|
|
|
|
a) Numbers are generated using a linear congruential generator. They are pseudorandom and the algorithm accepts a 48-bit seed.
|
|
|
|
b) `java.util.Random` produces uniformly distributed pseudorandom numbers.
|
|
|
|
c) No, in the documentation `SecureRandom` is recommended as a good alternative for cryptographic use-cases.
|
|
|
|
## java.lang.Math.random()
|
|
|
|
java.lang.Math.random() is a wrapper for java.util.Random (therefore same as above).
|
|
|
|
## java.security.SecureRandom
|
|
|
|
a) A unpredictable source of randomness should be used, but the algorithm in use can vary since `SecureRandom.getInstance("algorithm")` exists. Multiple ones are available.
|
|
|
|
b) The distribution of numbers is completely random and unpredictable.
|
|
|
|
c) Yes, hence the name, `SecureRandom`.
|
|
|
|
## /dev/random
|
|
|
|
a) The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. It keeps an estimate of the number of bits of noise in the entropy pool. From this entropy pool, random numbers are created.
|
|
|
|
b) The distribution of numbers is completely random and unpredictable.
|
|
|
|
c) Yes, all use cases are fine.
|
|
|
|
## /dev/urandom
|
|
|
|
Preferred to random except for applications that require randomness at early boot time since it is not available there. The rest is the same as for `dev/random`. |