Default algorithm for new SecureRandom()

Lamoureux, Francois francois.lamoureux at rsa.com
Mon May 18 12:03:39 UTC 2020


Dell Customer Communication - Confidential

Hi,

While we appreciate that a performance issue was fixed in JDK-7092821<https://bugs.openjdk.java.net/browse/JDK-7092821>, the issue JDK-8228613<https://bugs.openjdk.java.net/browse/JDK-8228613> which results in new SecureRandom() being non-deterministic, hence resulting in any possible supported algorithm supported by the JCE provider is affecting our implementation, hence affecting many customers.

I would like to discuss the approach of implementing a SecureRandom.DEFAULT, as initially posted at JDK-8229521<https://bugs.openjdk.java.net/browse/JDK-8229521>.

Regards,
François


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20200518/71cdc79c/attachment.htm>


More information about the security-dev mailing list