Fix security vulnerability in randomString method by using SecureRand…

[yannaingtun]

Description
This PR fixes a potential security vulnerability in the randomString method in PerfConfig.java by replacing ThreadLocalRandom with SecureRandom for generating random strings.

Issue
The current implementation uses ThreadLocalRandom which is not cryptographically secure and could lead to predictable tokens when used for security purposes.

Fix
Replace ThreadLocalRandom.current() with new SecureRandom() to ensure cryptographic strength.

References
Similar to vulnerability in CVE-2017-15911
Fixed in Openfire: igniterealtime/Openfire@7ff1f73

[SCNieh]

Hi, thanks for your commit, however the purpose of using Random here is simply to generate non-repeatable topic names for benchmark test, so I don't think is neccessary to use a secure random generator here for there is no cryptographically need in this case

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}