100218: BigInteger staticRandom field

Doug Lea dl at cs.oswego.edu
Thu Jan 5 17:58:32 UTC 2012


On 01/05/12 01:02, Bill Pugh wrote:

> So I think the right thing to do is to abandon the original patch, and instead
> make the following changes:
>
>     * add the following method to BigInteger public boolean
>       *isProbablePrime*(int certainty, Random end) , which allows primality
>       testing with arbitrary Random objects. In many cases, using a well seeded
>       normal Random object will work just fine, and this will give users the
>       ability to provide their own Random objects
>     * Document SecureRandom to note that all instances of SecureRandom depend on
>       a common shared source of randomness, and thus it can be a concurrency
>       bottlenck.
>     * Document that BigInteger.*isProbablePrime*(int certainty) is a concurrency
>       bottleneck.

This all sounds perfect to me.
Joe Darcy - do you have any thoughts?

>     * Add java.util.concurrent.MostlySecureRandom which uses /dev/random for
>       seeding, and uses only the SHA1PRNG implementation provided by
>       sun.security.provider.SecureRandom to generate subsequent randomness. Feel
>       free to pick a name other than MostlySecureRandom. After the initial
>       seeding, calls to generate randomness using a MostlySecureRandom should
>       not use any shared values.

I think the only question is whether, given low expected usage, it would be
OK just to explain how to do this in some javadoc, and also provide in some
jsr166<n>.extras package.

-Doug




More information about the core-libs-dev mailing list