On Wed, Dec 3, 2014 at 2:15 PM, Doug Lea <d...@cs.oswego.edu> wrote:

> No public API because systemSeed need only be implemented
> inside TLR, for its initial seed. Then the others can get their seeds
> using ThreadLocalRandom.current().nextLong(), unless
> java.util.secureRandomSeed is set (which I didn't illustrate above).
> In other words, across all non-secure generators, you only need
> one system-generated seed.

That's good enough for seeding other non-cryptographically secure
PRNGs, but if you want each caller to get a
cryptographically secure random number, you need to avoid correlations
between them that would arise when you use a non-CS PRNG to generate
them from a single CS seed.

Reply via email to