simple method for timestamp and nonce
Some internet protocols such as OAuth need timestamp
s and nonce
s.
Here comes what 8. Nonce and Timestamp saids in OAuth Core 1.0 Revision A,
Unless otherwise specified by the Service Provider, the timestamp is expressed in the number of seconds since January 1, 1970 00:00:00 GMT. The timestamp value MUST be a positive integer and MUST be equal or greater than the timestamp used in previous requests.
The Consumer SHALL then generate a Nonce value that is unique for all requests with that timestamp. A nonce is a random string, uniquely generated for each request. The nonce allows the Service Provider to verify that a request has never been made before and helps prevent replay attacks when requests are made over a non-secure channel (such as HTTP).
Some just use System.nanoTime().
Let’s do something. As of writing this entry, System.currentTimeMillis()
gave me 1354169632072
which has 23 high zero bits.
current millis 1354169632072 0x13B4ACCC548 Thu Nov 29 15:13:52 KST 2012 0000 0000 0000 0000 0000 0001 0011 1011 0100 1010 1100 1100 1100 0101 0100 1000 left shift by 3 10833357056576 0x9DA56662A40 Sat Apr 19 10:50:56 KST 2313 0000 0000 0000 0000 0000 1001 1101 1010 0101 0110 0110 0110 0010 1010 0100 0000 left shift by 20 1419949776119529472 0x13B4ACCC54800000 Tue Feb 24 15:32:09 KST 44998387 0001 0011 1011 0100 1010 1100 1100 1100 0101 0100 1000 0000 0000 0000 0000 0000
Note that shifting 3 bits serves about 300 years.
We can have, by shifting 20 bits, free 20 bits for random number with given timestamp
s.
// <20-bit shifted current millis> | <20-bit random> // 000T TTTT TTTT TTTT TTTT TTTT TTTT TTTT // TTTT TTTT TTTT NNNN NNNN NNNN NNNN NNNN // this method will be valid for about 300 years // possibility of collisions: one in a million in the very same millisecond final long nonce = (System.currentTimeMillis() << 20) | ThreadLocalRandom.current().nextInt(1048576);
Here are some methods.
public static long nonce(final long timestamp, final Random random) { return (timestamp << 20) | random.nextInt(1048576); } public static long nonce(final long timestamp) { return nonce(timestamp, ThreadLocalRandom.current()); } public static long nonce(final Random random) { return nonce(System.currentTimeMillis(), random); } public static long nonce() { return nonce(System.currentTimeMillis(), ThreadLocalRandom.current()); }