Java provides java.util.Random class for random number generation. However, this class should not be used to generate random numbers in applications where security is critical. For example, Synchronizer Toker is often used to mitigate CSRF attacks. This token should be generated using a high quality Random Number Generator (RNG) so that the attacker is not able to predict the next token. Even while generating encryption key or SESSIONID for highly secure applications, the next key or session Id of next user should be unpredictable for the attacker.