RFR 8154523: SHA1PRNG output should change after reset

Xuelei Fan xuelei.fan at oracle.com
Wed May 11 04:18:13 UTC 2016


OK, go ahead!

Thanks,
Xuelei

On 5/9/2016 7:08 AM, Wang Weijun wrote:
> 
>> On May 8, 2016, at 10:26 PM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>>
>> On 5/8/2016 9:06 PM, Wang Weijun wrote:
>>> Ping again.
>>>
>>>> On May 3, 2016, at 10:26 AM, Wang Weijun <weijun.wang at oracle.com> wrote:
>>>>
>>>> Hi All
>>>>
>>>> Please take a review at
>>>>
>>>> http://cr.openjdk.java.net/~weijun/8154523/webrev.00
>>>>
>>>> Basically, a reset in SHA1PRNG should forget the internal state and cached output.
>>>>
>> The spec of SecureRandomSpi.engineSetSeed() says:
>>
>>   The given seed supplements, rather than replaces, the existing seed.
> 
> I think this is to encourage people to call setSeed() even if the caller cannot find a perfect seed, as any new call won't make randomness worse.
> 
>>
>> If I'm understand correctly, reseed is not the same as reset.  It should
>> be OK to use the cached output for performance if the previous seed is OK.
> 
> Well, it's almost reset. One calls setSeed() hoping new entropy is added and the output changes. Calling setSeed() is not a common thing and I think it's OK to ignore the performance impact here. Non predictability is quite crucial for a SecureRandom.
> 
> Thanks
> Max
> 
> 
>>
>> Xuelei
> 




More information about the security-dev mailing list