RFR 8066397 Remove network-related seed initialization code in ThreadLocal/SplittableRandom
martinrb at google.com
Wed Dec 3 23:32:12 UTC 2014
On Wed, Dec 3, 2014 at 2:15 PM, Doug Lea <dl at cs.oswego.edu> wrote:
> No public API because systemSeed need only be implemented
> inside TLR, for its initial seed. Then the others can get their seeds
> using ThreadLocalRandom.current().nextLong(), unless
> java.util.secureRandomSeed is set (which I didn't illustrate above).
> In other words, across all non-secure generators, you only need
> one system-generated seed.
That's good enough for seeding other non-cryptographically secure
PRNGs, but if you want each caller to get a
cryptographically secure random number, you need to avoid correlations
between them that would arise when you use a non-CS PRNG to generate
them from a single CS seed.
More information about the core-libs-dev