• Post Reply Bookmark Topic Watch Topic
  • New Topic

generate 7 digit secure random number using securerandom  RSS feed

 
rodolfo tuble
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I want to generate a 7 digit secure random number combination using javas secureRandom function

I found this code:



The problem with this one is that the length of the numbers is random between 6 or 7 digits, and it includes negative numbers. Is there any way for me to only generate positive digit and limit it to 7 digits, also is this way of using secureRandom safe or could it use some enhancement?
 
Paweł Baczyński
Bartender
Posts: 2087
44
Firefox Browser IntelliJ IDE Java Linux Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use nextInt(int bound) method for that.
 
rodolfo tuble
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Paweł Baczyński wrote:You can use nextInt(int bound) method for that.


but the nextInt will only create a range between 0 and the number you specified.

I made this code and it worked for me, I needed to do some manipulating of the length of the number though to get what I wanted.

 
Jesper de Jong
Java Cowboy
Sheriff
Posts: 16060
88
Android IntelliJ IDE Java Scala Spring
  • Likes 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Do you mean you want a random number between 1,000,000 and 9,999,999 (inclusive)?

Then just use nextInt() to generate a random number between 0 and 9,000,000 and add 1,000,000.

No while loop necessary.
 
Stephan van Hulst
Saloon Keeper
Posts: 7993
143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm curious about your use-case. Why do you need a cryptographically secure number like this?
 
Campbell Ritchie
Marshal
Posts: 56598
172
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
…and what makes you think a 7‑digit number is cryptographically secure?
 
Stephan van Hulst
Saloon Keeper
Posts: 7993
143
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, in this context, cryptographically secure means that after seeing a sequence of these numbers, an attacker won't be able to predict the next 7 digit number. Using SecureRandom in this way is correct.

Whether the 7 digit number itself is being used correctly depends on the application, but is a security concern and is not related to cryptography.
 
rodolfo tuble
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jesper de Jong wrote:Do you mean you want a random number between 1,000,000 and 9,999,999 (inclusive)?

Then just use nextInt() to generate a random number between 0 and 9,000,000 and add 1,000,000.

No while loop necessary.


sorry for the late reply, but Oh God! you can do that? Thank you for this I'll change my code right away

Stephan van Hulst wrote:I'm curious about your use-case. Why do you need a cryptographically secure number like this?


I am generating an OTP thus it needs to be secure and random

Campbell Ritchie wrote:…and what makes you think a 7‑digit number is cryptographically secure?


I did some reading and found out that a human brain can retain 7 +- 2 characters, and this OTP needs to be memorized so I chose to stick with 7, as 8 would be too long as well, also 7 digits have a 10,000,000 possible combination.
 
Stephan van Hulst
Saloon Keeper
Posts: 7993
143
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That actually looks like a valid scenario! I'm content :P
 
Paweł Baczyński
Bartender
Posts: 2087
44
Firefox Browser IntelliJ IDE Java Linux Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
rodolfo tuble wrote:7 digits have a 10,000,000 possible combination.

Not if you disallow 0 as the first digit.
 
Rob Spoor
Sheriff
Posts: 21135
87
Chrome Eclipse IDE Java Windows
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You'll only lose 10%, so there's still 9 million possible values.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!