Techniques are disclosed for cryptographically secure shuffling processes for generating and utilizing secrets in an infrastructure-as-a-service (IaaS) environment. In an embodiment, a method comprises generating a source list and a destination list, the source list and destination list association with a sequential format and the source list comprising a plurality of elements in the sequential format; generating a first random number and a second random number; determining a first element in the source list, the first element corresponding to a position in the sequential format of the source list based on the first random number; determining a first destination position in the destination list, the first destination position corresponding to a position in the sequential format of the destination list based on the second random number; and updating the destination list to include the first element in the source list at the first destination position.