Fw: Update #2: JEP 123: SecureRandom First Draft and Implementation. (original) (raw)

Brad Wetmore bradford.wetmore at oracle.com
Thu Jan 10 23:02:31 UTC 2013

• Previous message (by thread): Fw: Update #2: JEP 123: SecureRandom First Draft and Implementation.
• Next message (by thread): hg: jdk8/tl/jdk: 8005962: TEST_BUG: java/util/Properties/MacJNUEncoding can fail in certain environments
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Thanks Bruce/Michael,

FYI, I've created:

 8006041: Create SecureRandom standard algorithm names.

against JDK 8 to track this issue, and I had previously filed:

 8003584: Consider adding a more modern SecureRandom implementation

to add the SP800-90a algorithms in JDK.

Brad

On 1/10/2013 9:48 AM, Bruce Rich wrote:

+1

IBM already has SP800-90a/SHA256/HASH, SP800-90a/SHA384/HASH, and SP800-90a/SHA512/HASH in our provider, but without standardized names, they are not very useable for the Java community as a whole. Bruce A Rich brich at-sign us dot ibm dot com ----- Forwarded by Bruce Rich/Austin/IBM on 01/10/2013 11:44 AM ----- From: Michael StJohns <mstjohns at comcast.net> To: Sean Mullan <sean.mullan at oracle.com>, Xuelei Fan <xuelei.fan at oracle.com> Cc: OpenJDK Dev list <security-dev at openjdk.java.net>, Brad Wetmore <bradford.wetmore at oracle.com> Date: 01/09/2013 09:32 PM Subject: Re: Update #2: JEP 123: SecureRandom First Draft and Implementation. Sent by: security-dev-bounces at openjdk.java.net ------------------------------------------------------------------------

At 09:45 AM 1/9/2013, Sean Mullan wrote: >think it is unlikely that 2 providers would implement the same SecureRandom algorithm, since the names are not standardized like other cryptographic algorithms such as SHA-256, RSA, etc. Can this be fixed? There really should be a flavor for this. E.g. SP800-90a/SHA256/HASH SP800-90A/SHA256/HMAC SP800-90A/AES/CTR NRBG/NoisyDiode[/implementation id] NRBG/RingOscillator[/Implementation id] There are about 6 classes of NIST "approved" deterministic random number generators. See http://csrc.nist.gov/publications/fips/fips140-2/fips1402annexc.pdf. I wouldn't be surprised to find that multiple providers implement the same RNGs, but don't have a common name for them. In fact, according to wikipedia, the underlying function for MSCAPI is the FIPS186-2 appendix 3.1 with SHA1 function. Mike

• Previous message (by thread): Fw: Update #2: JEP 123: SecureRandom First Draft and Implementation.
• Next message (by thread): hg: jdk8/tl/jdk: 8005962: TEST_BUG: java/util/Properties/MacJNUEncoding can fail in certain environments
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the security-dev mailing list