---

id: 78

slug: "strong-random"

title: "Strong random generation"

category: "security"

difficulty: "beginner"

jdkVersion: "9"

oldLabel: "Java 8"

modernLabel: "Java 9+"

oldApproach: "new SecureRandom()"

modernApproach: "getInstanceStrong()"

oldCode: |-

// Default algorithm — may not be

// the strongest available

SecureRandom random =

new SecureRandom();

byte[] bytes = new byte[32];

random.nextBytes(bytes);

modernCode: |-

// Platform's strongest algorithm

SecureRandom random =

SecureRandom.getInstanceStrong();

byte[] bytes = new byte[32];

random.nextBytes(bytes);

summary: "Get the platform's strongest SecureRandom implementation."

explanation: "getInstanceStrong() returns the SecureRandom implementation configured\

\ as the strongest on the platform. This is controlled by the securerandom.strongAlgorithms\

\ security property."

whyModernWins:

- icon: "🛡️"

title: "Strongest available"

desc: "Automatically selects the best algorithm for the platform."

- icon: "📖"

title: "Explicit intent"

desc: "Clearly communicates that strong randomness is required."

- icon: "🔧"

title: "Configurable"

desc: "Administrators can change the strong algorithm via security properties."

support:

state: "available"

description: "Widely available since JDK 9 (Sept 2017)"

prev: "security/key-derivation-functions"

next: "security/tls-default"

related:

- "security/pem-encoding"

- "security/key-derivation-functions"

- "security/tls-default"

docs:

- title: "SecureRandom"

href: "https://docs.oracle.com/en/java/javase/25/docs/api/java.base/java/security/SecureRandom.html"