Randomly Failed! The State of Randomness in Current Java Implementations

Kai Michaelis, Christopher Meyer, Jörg Schwenk

Cryptography track at RSA Conference 2013 (CT-RSA 2013)


This paper investigates the Randomness of several Java Runtime Libraries by inspecting the integrated Pseudo Random Number Generators. Significant weaknesses in different libraries including Android, are uncovered.

[Paper] [Slides]

Tags: Java, PRNG, Randomness