RFR: ChaCha20 and ChaCha20/Poly1305 Cipher implementations
Thomas Lußnig
lussnig at suche.org
Mon Mar 26 22:43:15 UTC 2018
Hi,
this choice is even better than the current version. Because than the
default system wide
secure random provider is used.
Gruß Thomas
On 3/27/2018 12:23 AM, Jamil Nimeh wrote:
>
> Another thought on #2: Another way we could go with this is to create
> a new SecureRandom() or use JceSecurity.RANDOM when the random
> parameter is null. That would make init(op, key, random) and init(op,
> key) behave the same when random is null. You would always get a
> random nonce in these two forms. I may go that direction since
> there's an established behavior for when no SecureRandom is provided
> through Cipher.init(int, Key).
>
> --Jamil
More information about the security-dev
mailing list