|
6.0 (c) 2002 IAIK, (c) 2003 - 2022 SIC |
|
public class AutoSeedGenerator extends VarLengthSeedGenerator
Basically it continously calls System.currentTimeMillis() and
waits until time has progressed by a certain amount. The number of the calls
made is counted and the lowest bit is used as the next random bit. The time
it waits is automatically adjusted in order to make the call-count large
enough to serve as a reliable random bit source. This class always generates
16 bits at a time, i.e. if you ask it for 17 bits, it will generate 32 bits
and return them as a byte array with four elements.
The speed of random bit generation is dependent on your virtual machine implementation and your execution speed. In general higher clock resolution and faster CPUs will yield a higher bit generation rate. On a Pentium class machine under Windows NT and a JIT compiler you should get about 80-90 bits per second (once it is jitted). Slower or non JIT machines will achieve 40-50 bps. Unix systems will usually perform slightly better and especially have a reduced slowdown as they typically have a hight clock resolution. The JDK seedgenerator is much less dependent on CPU speed but more dependent on the OS and VM implementation. Under Windows NT it does only about 30-40 bps with JIT, under Solaris 40-60 (without JIT!).
Security considerations: This seedgenerator makes extensive use of
System.currentTimeMillis(). An attacker who has full control
over that method could very easily make this seedgenerator generate any seed
he wants. However, if we assume an attacker has that much control over the
virtual machine, alternative seed generators cannot be much better. Still,
this seedgenerator seems to be hardly affected by differences in
implementation of the virtual machine and the
currentTimeMillis() method and *should* work fine on all
systems.
WARNING: Although this class has been subject to a significant amount of testing using the FIPS140Test class under Windows NT, Linux, and Solaris this class should still be considered beta and not used in critical applications, especially under untested operating systems and virtual machine implementations.
seedGenListener| Constructor and Description |
|---|
AutoSeedGenerator()
Create a new AutoSeedGenerator that generates the default amount of random
bits (currently 160).
|
AutoSeedGenerator(int numBits)
Create a new AutoSeedGenerator that generates the specified number of
random bits.
|
| Modifier and Type | Method and Description |
|---|---|
byte[] |
getSeed()
Get the seed.
|
int[] |
getStatus()
Return the status of seed generation.
|
static void |
main(java.lang.String[] args) |
void |
reinit(int numBits)
Sets the number of bits to generate.
|
getDefault, getSeedLength, hasSeedLengthChanged, setDefault, setSeedLengthcallSeedGenListener, getDefault, getDefaultSeedGenerator, seedAvailable, setDefaultSeedGenerator, setSeedGenListenerpublic AutoSeedGenerator()
public AutoSeedGenerator(int numBits)
public void reinit(int numBits)
VarLengthSeedGeneratorgetSeed() gets called.reinit in class VarLengthSeedGeneratornumBits - the number of bits to generatepublic int[] getStatus()
{numBits, numBits}, i.e. it is always ok to call
getSeed().getStatus in class SeedGeneratorpublic byte[] getSeed()
getSeed in class SeedGeneratorpublic static void main(java.lang.String[] args)