[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictab
|
From: |
csm at gnu dot org |
|
Subject: |
[Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values |
|
Date: |
8 Dec 2008 21:11:41 -0000 |
------- Comment #8 from csm at gnu dot org 2008-12-08 21:11 -------
This is an artifact from GNU Crypto, and it's something I've always hated about
that part of the code.
We never (I don't think) came up with a good seeding mechanism in GNU Crypto
itself -- the PRNG system supports seeding, of course, but we never came up
with good, automatic seeding. This is really because it depends a lot on the
runtime environment; on *nix, we'd likely go and use /dev/[u]random, and would
do something else on Windows.
gnu.java.security.util.PRNG is kind of a bad idea; code needing random numbers
should use a SecureRandom -- ideally one that can be changed at runtime.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=38417
- [Bug crypto/38417] New: gnu.java.security.util.PRNG produces easily predictable values, lloyd at randombit dot net, 2008/12/05
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, lloyd at randombit dot net, 2008/12/05
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, lloyd at randombit dot net, 2008/12/05
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, lloyd at randombit dot net, 2008/12/08
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, neugens at limasoftware dot net, 2008/12/08
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, lloyd at randombit dot net, 2008/12/08
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, neugens at limasoftware dot net, 2008/12/08
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, lloyd at randombit dot net, 2008/12/08
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values,
csm at gnu dot org <=
- [Bug crypto/38417] gnu.java.security.util.PRNG produces easily predictable values, gnu_andrew at member dot fsf dot org, 2008/12/19