On Wed, Dec 3, 2014 at 2:15 PM, Doug Lea <d...@cs.oswego.edu> wrote: > No public API because systemSeed need only be implemented > inside TLR, for its initial seed. Then the others can get their seeds > using ThreadLocalRandom.current().nextLong(), unless > java.util.secureRandomSeed is set (which I didn't illustrate above). > In other words, across all non-secure generators, you only need > one system-generated seed.
That's good enough for seeding other non-cryptographically secure PRNGs, but if you want each caller to get a cryptographically secure random number, you need to avoid correlations between them that would arise when you use a non-CS PRNG to generate them from a single CS seed.