[
https://issues.apache.org/jira/browse/CRYPTO-93?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Xianda Ke updated CRYPTO-93:
----------------------------
Description:
Add a default factory method to provide simpler API, and use the better
hardware random by default.
OpensslCryptoRandom uses hardware random number generator if hardware
supports.
Hardware random number generators are almost always better to use than a
software based generator. Hardware generators are often called True Random
Number generators (TRNG) or Non-Deterministic Random Number Generators since
they don't rely on the deterministic behavior of executing software
instructions. Their bits streams are nearly always indistinguishable from
random streams, and their entropy is always nearly 100%.
Modern Intel CPUs(3rd generation Core i5 or i7 processor (Ivy Bridge) or above)
do support random number generator, it is better to provide a default
API(openssl implementation) for the client user.
{code}
// By default, use True Random Number Generator (hardware random)
// Simpler API. client code is clean.
CryptoRandom random = ryptoRandomFactory.getCryptoRandom();
byte[] key = new byte[16];
random.nextBytes(key);
random.close();
{code}
was:
Add a default factory method to provide simpler API and better hardware random.
OpensslCryptoRandom uses hardware random number generator if hardware
supports.
Hardware random number generators are almost always better to use than a
software based generator. Hardware generators are often called True Random
Number generators (TRNG) or Non-Deterministic Random Number Generators since
they don't rely on the deterministic behavior of executing software
instructions. Their bits streams are nearly always indistinguishable from
random streams, and their entropy is always nearly 100%.
Modern Intel CPUs(3rd generation Core i5 or i7 processor (Ivy Bridge) or above)
do support random number generator, it is better to provide a default
API(openssl implementation) for the client user.
{code}
// By default, use True Random Number Generator (hardware random)
// Simpler API. client code is clean.
CryptoRandom random = ryptoRandomFactory.getCryptoRandom();
byte[] key = new byte[16];
random.nextBytes(key);
random.close();
{code}
> add a factory method to provide simpler API
> -------------------------------------------
>
> Key: CRYPTO-93
> URL: https://issues.apache.org/jira/browse/CRYPTO-93
> Project: Commons Crypto
> Issue Type: Bug
> Reporter: Xianda Ke
> Assignee: Xianda Ke
>
> Add a default factory method to provide simpler API, and use the better
> hardware random by default.
> OpensslCryptoRandom uses hardware random number generator if hardware
> supports.
> Hardware random number generators are almost always better to use than a
> software based generator. Hardware generators are often called True Random
> Number generators (TRNG) or Non-Deterministic Random Number Generators since
> they don't rely on the deterministic behavior of executing software
> instructions. Their bits streams are nearly always indistinguishable from
> random streams, and their entropy is always nearly 100%.
> Modern Intel CPUs(3rd generation Core i5 or i7 processor (Ivy Bridge) or
> above) do support random number generator, it is better to provide a
> default API(openssl implementation) for the client user.
> {code}
> // By default, use True Random Number Generator (hardware random)
> // Simpler API. client code is clean.
> CryptoRandom random = ryptoRandomFactory.getCryptoRandom();
> byte[] key = new byte[16];
> random.nextBytes(key);
> random.close();
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
