100218: BigInteger staticRandom field (original) (raw)
Joe Darcy joe.darcy at oracle.com
Tue Jan 10 07:19:59 UTC 2012
- Previous message: 100218: BigInteger staticRandom field
- Next message: hg: jdk8/tl/langtools: 7046929: tools/javac/api/T6397104.java fails
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
Catching up on email after the holidays...
On 01/05/2012 09:58 AM, Doug Lea wrote:
On 01/05/12 01:02, Bill Pugh wrote:
So I think the right thing to do is to abandon the original patch, and instead make the following changes:
* add the following method to BigInteger public boolean isProbablePrime(int certainty, Random end) , which allows primality testing with arbitrary Random objects. In many cases, using a well seeded normal Random object will work just fine, and this will give users the ability to provide their own Random objects * Document SecureRandom to note that all instances of SecureRandom depend on a common shared source of randomness, and thus it can be a concurrency bottlenck. * Document that BigInteger.isProbablePrime(int certainty) is a concurrency bottleneck. This all sounds perfect to me. Joe Darcy - do you have any thoughts?
Hmmm. While the API changes appear fine at first, I'm a bit concerned about how to make isProbablePrime*(int certainty, Random end) suitably robust against possibly adversarial sources of randomness (all zeros, all ones, etc.) The number-theoretic primarily tests used by the existing isProbablePrime(int) rely on a good source of random bits; I'd have to research what the weakest assumptions on the source of randomness are for the existing checks to still be valid.
I think informative (not normative) notes in the javadoc on the latter two points would be fine.
Cheers,
-Joe
- Previous message: 100218: BigInteger staticRandom field
- Next message: hg: jdk8/tl/langtools: 7046929: tools/javac/api/T6397104.java fails
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]