Unlike the java.util.Randomclass, the java.security.SecureRandomclass must produce non-deterministic output on each call.

与java.util.Random类不同，java.security.SecureRandom类必须在每次调用时产生非确定性输出。

What that means is, in case of java.util.Random, if you were to recreate an instance with the same seed each time you needed a new random number, you would essentially get the sameresult every time. However, SecureRandomis guaranteed to NOT do that - so, creating a single instance or creating a new one each time does notaffect the randomness of the random bytes it generates.

这意味着，在 的情况下java.util.Random，如果每次需要新的随机数时都使用相同的种子重新创建实例，则每次基本上都会得到相同的结果。但是，SecureRandom保证不会这样做 - 因此，每次创建单个实例或创建一个新实例都不会影响它生成的随机字节的随机性。

So, from just normal good coding practices view point, why create too many instances when one will do?

那么，从正常的良好编码实践的角度来看，为什么要创建太多实例呢？

For SecureRandomyou would want to consider occasionally reseeding (using system entropy in most cases) via a call like so:

对于SecureRandom，您可能需要考虑通过如下调用偶尔重新播种（在大多数情况下使用系统熵）：

mySecureRandom.setSeed(mySecureRandom.generateSeed(someInt));

so as to give a potential attacker something less than unlimited time to discover your key.

以便给潜在的攻击者一些少于无限时间的时间来发现您的密钥。

There's some great writeups about this consideration at the Justice Leagueblog.

在正义联盟博客上有一些关于这个考虑的很棒的文章。

Initialize a static instance and use it for all key pairs. It won't be any more or less random.

初始化一个静态实例并将其用于所有密钥对。它不会或多或少是随机的。

Every SecureRandomgeneration is seeded from some entropy pool. Depending on the OS used, this might be the entropy pool maintained by the OS like /dev/randomon Linux, or might be something that the JVM cooks up. In some earlier implementations, the Sun JVM used to spawn a number of threads and use their timing data to create the seed.

每SecureRandom一代都是从某个熵池中播种的。根据所使用的操作系统，这可能是由操作系统维护的熵池，如/dev/random在 Linux 上，或者可能是 JVM 编造的东西。在一些早期的实现中，Sun JVM 过去常常产生多个线程并使用它们的计时数据来创建种子。

Creating a new SecureRandomon every call might cause slow down of the application since creation of the seed might be blocking. Its better to reuse the a statically created instance, but make sure to reseed it after a fixed number random bytes are extracted from it.

SecureRandom在每次调用时创建一个新的可能会导致应用程序变慢，因为种子的创建可能会被阻塞。最好重用静态创建的实例，但确保在从中提取固定数量的随机字节后重新播种。

You may want to create a wrapper over a SecureRandominstance which counts the number of bytes extracted in nextBytesor generateSeedcalls and after a number of bytes, reseeds the internal SecureRandominstance by using system entropy pool.

您可能希望在SecureRandom实例上创建一个包装器，该包装器计算在nextBytes或generateSeed调用中提取的字节数，并在多个字节之后，SecureRandom使用系统熵池为内部实例重新设定种子。

The wrapper approach however is not possible on Java on Linux since the SecureRandominstance you get from new SecureRandom()is nothing but a wrapper on /dev/randomand every call for nextBytesor generateSeedactually drains the OS entropy pool. On Linux and Solaris, its better to use a JCE provider for SecureRandomcreation.

然而，包装器方法在 Linux 上的 Java 上是不可能的，因为SecureRandom您从 new 获得的实例SecureRandom()只不过是一个包装器，/dev/random并且每次调用nextBytes或generateSeed实际耗尽操作系统熵池。在 Linux 和 Solaris 上，最好使用 JCE 提供程序进行SecureRandom创建。

I would not rely on SecureRandom to be anything other than a cryptographically secure PRNG. The complete quote that Gowri is using from the javadocs is:

我不会依赖 SecureRandom 成为加密安全 PRNG 以外的任何东西。Gowri 在 javadocs 中使用的完整引用是：

Additionally, SecureRandom must produce non-deterministic output and therefore it is required that the seed material be unpredictable and that output of SecureRandom be cryptographically strong sequences as described in RFC 1750: Randomness Recommendations for Security.

此外，SecureRandom 必须产生非确定性输出，因此要求种子材料是不可预测的，并且 SecureRandom 的输出是加密强序列，如 RFC 1750：安全性随机性建议中所述。

It's less than clear from this what the real expectation is - RFC 1750 details the use of hardware to enhance random number generation, but the javadocs say "therefore it is required that the seed material be unpredictable", which would seem to contradict this.

从中不太清楚真正的期望是什么 - RFC 1750 详细说明了使用硬件来增强随机数生成，但 javadoc 说“因此要求种子材料是不可预测的”，这似乎与此矛盾。

The safest assumption to work on is that your implementation of SecureRandom is simply a cryptographically-secure PRNG, and therefore that your keys are no more secure than the random seed that you use. Thus, initializing a new SecureRandom with a new (unique, truly random) seed for each key would be the safest bet.

最安全的假设是您的 SecureRandom 实现只是一个加密安全的 PRNG，因此您的密钥并不比您使用的随机种子更安全。因此，为每个密钥使用新的（唯一的、真正随机的）种子初始化新的 SecureRandom 将是最安全的选择。

Once should be enough. My experience has also been that initializing SecureRandom type generators can sometimes be slow as well (due to how randomness is achieved), so you should take that into consideration.

一次应该就够了。我的经验也是，初始化 SecureRandom 类型生成器有时也会很慢（由于随机性是如何实现的），所以你应该考虑到这一点。

Why would you want to create a new instance every time? It's not like that would be morerandom. I think it would be best to initialize once and use it for all pairs.

为什么每次都想创建一个新实例？这不会更随机。我认为最好初始化一次并将其用于所有对。