โ— Shell
clean mode source โ†—

Strong random generation

Code Comparison

// Default algorithm โ€” may not be
// the strongest available
SecureRandom random =
    new SecureRandom();
byte[] bytes = new byte[32];
random.nextBytes(bytes);
// Platform's strongest algorithm
SecureRandom random =
    SecureRandom.getInstanceStrong();
byte[] bytes = new byte[32];
random.nextBytes(bytes);

Why the modern way wins

๐Ÿ›ก๏ธ

Strongest available

Automatically selects the best algorithm for the platform.

๐Ÿ“–

Explicit intent

Clearly communicates that strong randomness is required.

๐Ÿ”ง

Configurable

Administrators can change the strong algorithm via security properties.

Old Approach

new SecureRandom()

Modern Approach

getInstanceStrong()

JDK Support

Strong random generation

Available

Widely available since JDK 9 (Sept 2017)

How it works

getInstanceStrong() returns the SecureRandom implementation configured as the strongest on the platform. This is controlled by the securerandom.strongAlgorithms security property.

Related Documentation

Proof