random - I'd like to understand Java's SecureRandom object -


While trying to do an early crypto course, I am trying to catch Java with SecureRandem object. I think that I understand that:

a) No matter how long you know the sequence of random numbers, there is no way to predict the next random number in the sequence.

B) No matter how long the sequence of random numbers you know, there is no way to know which seed is used in addition to animal projections.

c) You can request a safe random number of different sizes.

d) You can have a newly created SRGN seed with different different sizes of values. Every newly created SRNG you create and the seed with the same value will produce the same sequence of random numbers.

I should add that I'm assuming that this code is used on Windows: 

  random sr = secureorendam Gate instant ("SHA1PRNG", "SUN");   
 Is my basic understanding correct? thank you in advanced.  
 I have a few more questions which are quite expert in crypto. They are related to sowing seeds for SRGG, because it is used to give seeds first.  
 e) If you keep the SRGN seed for a long time with an integer, as opposed to an array of 8 bytes?  
 f) If I say, with an SRGN seed, 256 bytes is any other seed which can produce the same sequence of random numbers?  
> G) Is there any type of optimum seed size? I feel that this may be a useless question.  
 h) If I encrypt SRGG with an SRGN, then say that 256 bytes are getting it to generate random bytes with the bytes in XOR. Plain text, which would be easy to ejectrooper to decrypt the ciphertext? How long can it take? Do I have a right to think that the person who is secretly talking about 256-byte seeds will have to know, guess or compute?  
 I have seen previous questions about Secureand and no one is answering my special concerns. If any of these questions seems too silly, then I want to repeat that I am beginning a lot in studying this area. I am very grateful for any input because I want to understand how Java SecureRendum objects can be used in cryptography.   
  
 OK, in order:  
 a) Correct  < P> b) Correct  
 c) Correct, you can also request a number in a range [0], using  nextInt (n)   Correct as correct as 
 d): The implementation of SHA1PRNG is not defined publicly by any algorithm and there are indications that the implementation   has changed over time, so it Only true for the sun provider, and then only a special As the Runtime Configuration  
 e) the API clearly indicates that all the bytes are used within the long time ("Using the eight bytes contained in the given light bead") state There should be no difference in the amount of entropy added in the  
 Note that quick check shows that  setSeed (long)  is completely set by the  setSeed (byte [])  with the main difference that seed o  The long value is always mixed with the randomness received from the system, even if it is the first call after the creation of the  safe-random  example.  
 f) Yes - An infinite number produces the same stream; Because a hash function is used, however  
 g) If you mix in additional entropy, then more entropy is better, but there is no minimum; If you use it as the only seed, then you should not start with seed less than 20 seeds, this is: If you want to keep seeds like security hurdles, similar to the internal condition of PRNG,  
 And I will add that if you use less than 64 bytes of entropy, then you are definitely in the danger zone. Note that 1 bit of entropy does not always mean 1 bit in a byte. In a byte array of size 8, the 64-bit entropy can be  or less .  
 h) which is basically a hash-based stream cipher; It is safe, so an attacker has no chance ( Given that you do not reuse seeds) ), but it is very unbelievable (see the answer D) and slow stream cipher , So please do not do it anytime -  with cipher  with  "AES / CTR / no padding"  or  "AES / gcm / no padding"  Instead of    use

Comments

Post a Comment

Popular posts from this blog

Java - Error: no suitable method found for add(int, java.lang.String) -

I'm in the middle of homework work and I'm stuck. At this point in my code, I think that I should have a GUI window that opens and allows me to type "inserted text number". Notice is not going anywhere but at this point, If I pass through the problem then it will be in a linked list. I am getting two of the same error for the lines. Add (index, element); And I can not seem to get past it, there is no suitable method for the error "add (int, java. string string)". Code is below, please advise. To clarify - this will not be a method error because it is a linked list. There should not be any way involved. import java.awt. *; Import java.awt.event. *; Import javax.swing. *; Import java.util. *; Import java.util.Scanner; Import java.util.LinkedList; Public class TopTenList JFrame {Private TopTenList tt; See the Private JTextArea list; Private JTextField cmdTextField; Private JTextField resultsTestfield; // This GUI window is the code for the public toptist...
Read more

java - JPA TypedQuery: Parameter value element did not match expected type -

I am using JPA 2.0 and getting the following code in the DAO layer: Public Zero Test () {string key = "status"; String [] Conditions = {"A", "B"}; & Lt; TestTable & gt; Results = Search (Keys, Conditions); } Public listing & lt; TestTable & gt; Search (string key, object value error) {string sql = "test ndf to testlet and jade nand." + Key + "in:" + key; TypedQuery & LT; TestTable & gt; Query = entityManager.createQuery (SQL, TestTable.class); Query.setParameter (key, Arrays.asList (valueArr)) / *** Error Line *** Return query.getResultList (); } In the above error line, it throws the following exception: java.lang.IllegalArgumentException: parameter value element [[Ljava.lang.String; @ cbe5bc] did not match the expected type [java.lang.String] Why is this expected type string while actually this string []? Please help! Note: This is derived from the normal routine and is a simplified code. I can no...
Read more

c++ - static template member variable has internal linkage but is not defined -

Yes, I know, there is a question with almost the same title, but it refers to a different situation. Error message) In my case, I have a .cpp file with a big named designation name (implementation details). There is a property class template with a static data member in that name space, which I need to access from outside the unknown namespace. I give it a little bit of meat: file.hpp namespace Bar {template & lt; Typename A & gt; Struct foo {static_assert (is_same & lt; a, float & gt; :: value} is_same & lt; a, double>: value, ""); Fixed zero set_static_var (a const & x); // ...}; } and file.cpp namespace {template & lt; Typename A & gt; Struct foo_traits {// supports the implementation of several static code bars: foo & lt; & Gt; Fixed A data; }; The template's & lt; & Gt; Float foo_traits & lt; Float & gt; :: datum; // No change if this is in the global namespace template & lt; & Gt; Doub...
Read more