Is there a Java 8 implementation of a random generator supporting NIST standards?

Tags: , , , ,



I am trying to securely generate random numbers. It must support NIST standards, that is NIST SP 800-90A, SP 800-90B, SP 800-90C. I’ve read that Java 9 has an implementation of SecureRandom supporting such standards.

My question is: is there an implementation supporting these standards in Java 8 (I am using Android)? Ideally I would like it to be built-in but otherwise what would you advise?

Answer

If I am reading “The Bouncy Castle FIPS Java API in 100 Examples” by David Hook (page 12) correctly, the FIPS release of Bouncy Castle provides implementations of the 3 DRBGs described in NIST SP 800-90A.

You can find more information about the Bouncy Castle Java FIPs project here.

Other FIPS certified JCSE provider implementations may also support this. (I have not investigated …)



Source: stackoverflow