Java 9 (JSR 379) introduces the NIST DRBG's as specified in JEP 273. However, the NIST document SP 800-90Ar1 (NIST Special Publication 800-90A Revision 1: Recommendation for Random Number Generation Using Deterministic Random Bit Generators) specifies a total of tree mechanisms:
Implement the three DRBG mechanisms (Hash_DRBG, HMAC_DRBG, CTR_DRBG) in 800-90Ar1 (on all platforms).
However, although you might expect that we would now have three methods to create such secure random algorithms:
SecureRandom.getInstance("Hash_DRBG")SecureRandom.getInstance("HMAC_DRBG")SecureRandom.getInstance("CTR_DRBG")
possibly with various configuration parameters, we seem to have only one:
SecureRandom.getInstance("DRBG")
So how can the developer configure and detect which one of the algorithms is used?
From the JEP
A new SecureRandomParameters interface so that additional input can be provided to the new SecureRandom methods.
From there we get to DrbgParameters which says
Implementation Note:
The following notes apply to the "DRBG" implementation in the SUN provider of the JDK reference implementation. This implementation supports the Hash_DRBG and HMAC_DRBG mechanisms with DRBG algorithm SHA-224, SHA-512/224, SHA-256, SHA-512/256, SHA-384 and SHA-512, and CTR_DRBG (both using derivation function and not using derivation function) with DRBG algorithm AES-128, AES-192 and AES-256.
The mechanism name and DRBG algorithm name are determined by the security property securerandom.drbg.config. The default choice is Hash_DRBG with SHA-256.
So, implementation dependent and with default impl, switchable only with a property.
Use Security.SetProperties before calling SecureRandom:
Security.setProperty("securerandom.drbg.config", "Hash_DRBG");
SecureRandom random = SecureRandom.getInstance("DRBG");
For more information this article provides some in-depth info: https://metebalci.com/blog/everything-about-javas-securerandom/
来源:https://stackoverflow.com/questions/58304220/what-actual-algorithm-is-used-by-securerandom-getinstancedrbg