We are using SecureRandom as follows (using Java 8):
import java.security.SecureRandom;
private SecureRandom random = new SecureRandom();
The algorithm being used is NativePRNG.
Should we seed periodically? It's written that NativePRNG continuously receives entropy from the operating system (by reading from /dev/(u)random).
What do you think?
https://www.synopsys.com/blogs/software-security/proper-use-of-javas-securerandom/ suggests reseeding SecureRandom instances when a "large amount of PRNG output" is generated. However, it is not specific about what counts as a large amount. This likely depends on the SecureRandom algorithm used.
The Java doc does not state that reseeding will take place. If a specific algorithm supports it, you will need to explicitly specify that algorithm when calling SecureRandom.getInstance.
In Java 9, DRBG implementations were added (JEP 273) which are based on NIST.SP.800-90Ar1. This specifies that generators should reseed themselves when the end of the seedlife has been reached. And you can also see that this is implemented accordingly: sun.security.provider.AbstractDrbg (field reseedCounter).
However, keep in mind that there is no requirement that all Java platforms support DRBG (though most likely will). Therefore, handle the case where it is not available appropriately, or include a security provider which provides a DRBG.
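An added example (not code from the answer above) of requesting a reseed-capable DRBG on Java 9 or later and falling back when no provider offers one. The class name `DrbgWithFallback` and the helpers `newSecureRandom` and `supportsReseed` are hypothetical names chosen for illustration.

```java
import java.security.DrbgParameters;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

public class DrbgWithFallback {

    // Hypothetical helper: ask explicitly for a DRBG that can reseed.
    // If no installed provider supplies "DRBG" with these parameters,
    // fall back to the platform default (NativePRNG on many Unix JVMs).
    static SecureRandom newSecureRandom() {
        try {
            return SecureRandom.getInstance("DRBG",
                    DrbgParameters.instantiation(
                            256,                                   // requested security strength in bits
                            DrbgParameters.Capability.RESEED_ONLY, // reseeding needed, prediction resistance not
                            null));                                // no personalization string
        } catch (NoSuchAlgorithmException e) {
            return new SecureRandom();
        }
    }

    // True only if the instance reports DRBG parameters whose effective
    // capability includes reseeding; non-DRBG instances return null here.
    static boolean supportsReseed(SecureRandom sr) {
        return sr.getParameters() instanceof DrbgParameters.Instantiation
                && ((DrbgParameters.Instantiation) sr.getParameters())
                        .getCapability().supportsReseeding();
    }

    public static void main(String[] args) {
        SecureRandom random = newSecureRandom();
        System.out.println("algorithm:  " + random.getAlgorithm());
        System.out.println("provider:   " + random.getProvider().getName());
        System.out.println("parameters: " + random.getParameters());

        byte[] key = new byte[32];
        random.nextBytes(key);

        // The DRBG reseeds itself at the end of its seed life; an explicit
        // reseed() is an additional, application-chosen reseed point.
        if (supportsReseed(random)) {
            random.reseed();
            System.out.println("explicit reseed performed");
        } else {
            System.out.println("reseed() not supported by this instance");
        }
        random.nextBytes(key);
    }
}
```

Printing the algorithm, provider and effective parameters at startup shows which generator the JVM actually selected, which is the only reliable way to know whether the reseeding behaviour described above applies in a given deployment.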