-
Bug
-
Resolution: Fixed
-
P1
-
1.1.1
-
None
-
b01
-
sparc
-
solaris_2.5.1
-
Not verified
If an application doesn't specify a random seed using kseed, the same
random seed is used for every invocation of DSA.
Called in by the guy from RSA:
From: Steve Burnett <###@###.###>
To: "'JavaSoft crypto questions'" <###@###.###>
Subject: Signatures and Ciphers that need random values
Date: Wed, 7 May 1997 11:09:34 -0700
X-Status: $$$$
X-UID: 0000000044
When computing a DSA signature, I need to generate a random value
(generally called k). If I'm signing using PSS (Probabilistic Signature
Scheme, similar to OAEP enveloping), I need to generate random values.
And speaking of OAEP, I will need to generate random values when
encrypting.
It seems to me it would be a good idea to allow callers to pass in a
SecureRandom object at some point in the Signature and Cipher classes
(possibly init).
Incidentally, in the SUN implementation of DSA that I got when I
downloaded JDK 1.1 (and 1.1.1), how do you generate the random k? It
appeared to be the same k every single time.
--Steve Burnett
###@###.###
random seed is used for every invocation of DSA.
Called in by the guy from RSA:
From: Steve Burnett <###@###.###>
To: "'JavaSoft crypto questions'" <###@###.###>
Subject: Signatures and Ciphers that need random values
Date: Wed, 7 May 1997 11:09:34 -0700
X-Status: $$$$
X-UID: 0000000044
When computing a DSA signature, I need to generate a random value
(generally called k). If I'm signing using PSS (Probabilistic Signature
Scheme, similar to OAEP enveloping), I need to generate random values.
And speaking of OAEP, I will need to generate random values when
encrypting.
It seems to me it would be a good idea to allow callers to pass in a
SecureRandom object at some point in the Signature and Cipher classes
(possibly init).
Incidentally, in the SUN implementation of DSA that I got when I
downloaded JDK 1.1 (and 1.1.1), how do you generate the random k? It
appeared to be the same k every single time.
--Steve Burnett
###@###.###