SecureRandom.

Arjun Khanna (arjun@jump.net)
Thu, 25 Feb 1999 16:14:53 -0600

Message-Id: <3.0.1.32.19990225161453.00d9d790@pop.jump.net>
Date: Thu, 25 Feb 1999 16:14:53 -0600
To: java-security@java.sun.com
From: Arjun Khanna <arjun@jump.net>
Subject: SecureRandom.

Hi Folk:
I am working on a project currently, where I have to evaluate, read up on,
and give an informed opinion on the java.security.SecureRandom class and
how it is seeded.

And if possible- add a source or two of entropy to the random number
generation.

I am looking for some references, code samples, pointers - just about
anything. We have a client side and server side app. The client side is
constrained by an applet environment- which likely will not be signed- so
we cant' rely on algorithms that depend on disk seeks etc. to do this.

We could - use keystrokes and mouse movements as shown in :

http://java.oreilly.com/news/knudsen/java_1197.html on the client side. We
could use packet arrival times on the server side (we have our own socket
factories and a wrapper around some socket read/write routines).

Other suggestions?

Thanks.
-Arjun