SecureRandom.getInstance("DRBG") 使用的实际算法是什么?

What actual algorithm is used by SecureRandom.getInstance("DRBG")?

Java 9 (JSR 379) introduces the NIST DRBG's as specified in JEP 273. However, the NIST document SP 800-90Ar1 (NIST Special Publication 800-90A Revision 1: Recommendation for Random Number Generation Using Deterministic Random Bit Generators) 指定了树机制的总数:

Implement the three DRBG mechanisms (Hash_DRBG, HMAC_DRBG, CTR_DRBG) in 800-90Ar1 (on all platforms).

但是,尽管您可能希望我们现在可以使用三种方法来创建此类安全随机算法:

  1. SecureRandom.getInstance("Hash_DRBG")
  2. SecureRandom.getInstance("HMAC_DRBG")
  3. SecureRandom.getInstance("CTR_DRBG")

可能有各种配置参数,我们好像只有一个:

  1. SecureRandom.getInstance("DRBG")

那么开发人员如何配置和检测使用了哪一种算法?

来自JEP

A new SecureRandomParameters interface so that additional input can be provided to the new SecureRandom methods.

从那里我们到达 DrbgParameters 上面写着

Implementation Note:

The following notes apply to the "DRBG" implementation in the SUN provider of the JDK reference implementation. This implementation supports the Hash_DRBG and HMAC_DRBG mechanisms with DRBG algorithm SHA-224, SHA-512/224, SHA-256, SHA-512/256, SHA-384 and SHA-512, and CTR_DRBG (both using derivation function and not using derivation function) with DRBG algorithm AES-128, AES-192 and AES-256.

The mechanism name and DRBG algorithm name are determined by the security property securerandom.drbg.config. The default choice is Hash_DRBG with SHA-256.

因此,依赖于实现并具有默认实现,只能通过 属性 切换。

在调用 SecureRandom 之前使用 Security.SetProperties:

Security.setProperty("securerandom.drbg.config", "Hash_DRBG");

SecureRandom random = SecureRandom.getInstance("DRBG");

有关更多信息,本文提供了一些深入的信息: https://metebalci.com/blog/everything-about-javas-securerandom/