I need to write a random number generator that uses an algorithm that is FIPS 140-2 compliant/certified. I am having a tough time finding anything that will work for me. Anyone done this before?
Using Java 8. Development environment is Mac OSX and servers are CentOs 7.
I don't think the numbers generated are random enough using the Sun cryptography algorithms available. None of the algorithms are FIPS 140-2 certified. I definitely would like to define my API using SecureRandom or with an implementation of SecureRandom, I'm not planning on reinventing the wheel there.
I might have missed that. I should be good then. Is there any algorithm better than others? Or should this be enough? SecureRandom rand = SecureRandom.getInstance("SHA1PRNG", "SUN");
I couldn't say if there are better or worse algorithms out there, I'm sure there are. I do know that you would be wise to avoid the Random library if robust randomness is required, as is your case. It has been found to be fairly easy to predict upcoming values given a sequence of previous generated values.