Class NonBlockingCSPRNG

  • public class NonBlockingCSPRNG
    extends RandomSource
    Non-blocking cryptographically secure pseudo random number generator (CSPRNG) for applications where the system is mostly idle, and the call time of nextBytes() is truly random. The former condition (idle) causes SecureRandom to block due to lack of entropy from operating system events. This is mitigated by managing entropy collection within the application according to use cases. For contact tracing applications, system uptime is truly unpredictable because the attacker cannot know when the app first started, or restarted. Furthermore, the elapsed time between requests for random data (to generate the pseudo device address) is also truly unpredictable because it depends on the state of the currently registered devices in the BLEDatabase, and also the proximity and processing speed of devices in the user environment. Finally, for additional assurance, entropy can also be gathered from the mac addresses of encountered devices, where the majority of, if not all, addresses should have been generated from their own SecureRandom source. As an overview, this CSPRNG is based on: - Random seed derived from entropy gathered from truly random events - Deterministic PRNG offering uniform distribution of random values given the initial seed - Crytographic hash function for separating random values from the random seed The expectation is that it will be possible to identify a random seed that yielded an individual observation, and also a seed that yielded consecutive values using brute force methods. However, this is intentional as the design aims to ensure observations are associated with most candidate seeds (2^61 out of 2^64). This deliberate strategy makes an attack unattractive due to the level of uncertainty. The ability to rapidly find one of the seeds is evidence to show the attacker that little information has been gained for exploitation, as the identified seed is just one of many candidates. Running the process for a long period will show there are multiple seeds that can yield the observations.
    • Constructor Detail

      • NonBlockingCSPRNG

        public NonBlockingCSPRNG()
    • Method Detail

      • nextBytes

        public void nextBytes​(@NonNull
                              byte[] bytes)
        Description copied from class: RandomSource
        Get random bytes from the random source.
        Specified by:
        nextBytes in class RandomSource
        bytes - Fill byte array with random data.
      • nextInt

        public int nextInt()
        Description copied from class: RandomSource
        Get random int value from random source.
        nextInt in class RandomSource
        Random int value derived from 4 random bytes.
      • nextLong

        public long nextLong()
        Description copied from class: RandomSource
        Get random long value from random source.
        nextLong in class RandomSource
        Random long value derived from 8 random bytes.