RFR 8051408: JEP 273: DRBG-Based SecureRandom Implementations

Wang Weijun weijun.wang at oracle.com
Thu Apr 21 01:24:09 UTC 2016

> On Apr 21, 2016, at 8:07 AM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>> I'll model after Authenticator. That would need some synchronization.
> You have already added synchronization.

You mean the synchronization in instantiateIfNecessary? But this time I need to synchronize on cc, which is static.

>> I dare not even write "Users should provide a unique personalization string" in the spec. That will scare away possible users.
> Why scare away possible users?  It is pretty easy to use unique strings.

I don't think so.

For example, NIST recommends a network card address, and a library uses it as the personalization string. The NIC address is unique, but how do you prevent an application from calling the library method twice and creating 2 DRBGs with the same string?

> I think as the spec says uniqueness is highly desired, it would be better to make
> the recommendation in the JDK spec.  ;-)

Because of the reason above, I don't want to put this burden on the user.

> What do you mean by delegating the
> responsibility to users (you said "Both") while you don't make the
> recommendation?

The string itself is provided by the user and we cannot modify it. Therefore, if the string must be unique, then it's the user's responsibility to make it unique, and the best we can do is check and throw IAEs.
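As an added illustration of the "library method called twice" problem discussed above (example code, not part of the original thread and not the JDK patch under review), the following Java uses the JDK 9+ DRBG API that JEP 273 introduced, i.e. SecureRandom.getInstance("DRBG", DrbgParameters.instantiation(...)). The class and method names (DrbgPersonalization, newDrbgNaive, newDrbgUnique, personalizationOf) are hypothetical library code: the naive version reproduces the NIC-address-only personalization string, the other appends a per-process counter and a random nonce so two calls never produce the same string. It reads the string the provider actually used back through SecureRandom.getParameters().

```java
import java.net.NetworkInterface;
import java.net.SocketException;
import java.nio.ByteBuffer;
import java.security.DrbgParameters;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.concurrent.atomic.AtomicLong;

/**
 * Hypothetical library helper (assumption: not JDK code) showing why
 * "use the NIC address" alone does not give a unique personalization
 * string, and one way a library can keep per-instance strings unique.
 */
public final class DrbgPersonalization {

    // Per-process counter so two calls in the same JVM never collide.
    private static final AtomicLong INSTANCE_COUNTER = new AtomicLong();

    // Entropy source used only to add a fresh nonce to each string.
    private static final SecureRandom NONCE_SOURCE = new SecureRandom();

    private DrbgPersonalization() {}

    /** First hardware (MAC) address found, or an empty array if none is readable. */
    static byte[] nicAddress() {
        try {
            Enumeration<NetworkInterface> ifs = NetworkInterface.getNetworkInterfaces();
            while (ifs != null && ifs.hasMoreElements()) {
                byte[] mac = ifs.nextElement().getHardwareAddress();
                if (mac != null && mac.length > 0) {
                    return mac;
                }
            }
        } catch (SocketException e) {
            // Fall through: treat as "no address available".
        }
        return new byte[0];
    }

    /** The naive approach from the thread: the same string on every call. */
    static SecureRandom newDrbgNaive() throws NoSuchAlgorithmException {
        byte[] ps = nicAddress();
        return SecureRandom.getInstance("DRBG",
                DrbgParameters.instantiation(256, DrbgParameters.Capability.PR_AND_RESEED, ps));
    }

    /**
     * Unique per call: NIC address || 8-byte counter || 16-byte random nonce.
     * The counter separates instances within one JVM; the nonce separates
     * JVMs (and restarts) that would otherwise start counting from zero again.
     */
    static SecureRandom newDrbgUnique() throws NoSuchAlgorithmException {
        byte[] mac = nicAddress();
        byte[] nonce = new byte[16];
        NONCE_SOURCE.nextBytes(nonce);
        ByteBuffer ps = ByteBuffer.allocate(mac.length + Long.BYTES + nonce.length);
        ps.put(mac).putLong(INSTANCE_COUNTER.getAndIncrement()).put(nonce);
        return SecureRandom.getInstance("DRBG",
                DrbgParameters.instantiation(256, DrbgParameters.Capability.PR_AND_RESEED, ps.array()));
    }

    /** Reads back the personalization string the DRBG provider actually used. */
    static byte[] personalizationOf(SecureRandom sr) {
        DrbgParameters.Instantiation inst = (DrbgParameters.Instantiation) sr.getParameters();
        return inst.getPersonalizationString();
    }

    public static void main(String[] args) throws Exception {
        // The scenario from the thread: the library method is called twice.
        byte[] a = personalizationOf(newDrbgNaive());
        byte[] b = personalizationOf(newDrbgNaive());
        System.out.println("naive strings equal:  " + Arrays.equals(a, b));

        byte[] c = personalizationOf(newDrbgUnique());
        byte[] d = personalizationOf(newDrbgUnique());
        System.out.println("unique strings equal: " + Arrays.equals(c, d));
    }
}
```

Run it with a JDK 9 or later (`javac DrbgPersonalization.java && java DrbgPersonalization`); the two naive instances report the same personalization string, the two unique ones do not. Note that this only makes the strings distinct, it does not make them secret, which is consistent with the thread: the personalization string is an input the user controls, and the DRBG's security still rests on its seed.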

