8020292: j.u.SplittableRandom

Mike Duigou mike.duigou at oracle.com
Mon Aug 19 19:04:35 UTC 2013

Looks pretty good. Two points concern me:

- Every source of non-crypto quality randoms should explicitly document that it should not be used for generating keys or other crypto purposes. There is mention that the seeding is insecure in the implementation docs but more explicit mention in the public docs is needed. (And some fool somewhere will *still* use it for crypto...)

- Additional seed material might be desirable for "seeder". I worry about how many of the actual bits are random. If no local host address is available the seed might be fairly predictable. In the murmur3 implementation I included also System.identityHashCode(String.class), System.identityHashCode(System.class), System.identityHashCode(Thread.currentThread()), Thread.currentThread().getId() and Runtime.getRuntime().freeMemory(). Mixing multiply with XOR operations also helps to spread the random bits out. Perhaps just call mix64 on each component and XOR against previous?


On Aug 19 2013, at 04:06 , Paul Sandoz wrote:

> Hi,
> This is the patch for SplittableRandom:
>  http://cr.openjdk.java.net/~psandoz/tl/JDK-8020292-SplittableRandom/webrev/
> The algorithm remains the same as reported by Doug on the 9th August:
>  http://mail.openjdk.java.net/pipermail/core-libs-dev/2013-August/019768.html
> Paul.

More information about the core-libs-dev mailing list