harmony-dev mailing list archives

From Mark Hindess <mark.hind...@googlemail.com>
Subject Re: [classlib][security] RandomBitsSupplier.getRandomBits() on zOS
Date Tue, 08 Jan 2008 12:44:20 GMT

On 8 January 2008 at 1:19, "Imran Ghory" <imranghory@gmail.com> wrote:
> On Jan 8, 2008 12:35 AM, Endre Stølsvik <Endre@stolsvik.com> wrote:
> > Yuri Dolgov wrote:
> > > I had a little experience in this. I used several rdtsc values, local
> > > and JNI variables addresses, java memory info and nanotime value.
> >
> > Once upon a time, I also had the great idea to seed a random number
> > generator by using the hashCode() (they say it is the "address" of the
> > object on many JVMs) of some specific object.
> There was an incident a while back where an online poker service was
> exploited by the fact they seeded their randomness from time - someone
> just brute forced all the possible time combinations and with the
> information about which cards they had been dealt they were able to
> figure out what the seed was.
> Incidentally, I know I'm coming a bit late to this conversation but
> couldn't we just resort to throwing a NoSuchAlgorithmException in the
> case we don't have a random source - wouldn't that be better than
> using a non-random source to avoid a false sense of security ?

But one might also argue that the existing code using /dev/urandom in
preference to the more secure /dev/random is also wrong in this respect.

> Looking at the SecureRandom docs a SecureRandom source has to comply
> with FIPS 140-2 & RFC 1750 - which unix random() almost certainly
> won't.

Certainly not on my Linux box, but then /dev/urandom isn't either, and that
is what is used by default on Linux.

In any case, this argument is possibly slightly misleading since AIUI we
are talking about the seed for the SecureRandom source rather than the
source itself.
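As an added illustration of the poker incident Imran mentions above (this is example code written for this archive page, not code from the thread or from the Harmony class library): a toy dealer seeds its PRNG with the clock in whole seconds, and an attacker who knows their own two cards plus the three flop cards, and roughly when the hand was dealt, brute-forces the seed and reads off every other player's hand. The deck, the table layout and the use of Python's random.Random as the stand-in generator are all constructed for the example; the attack needs only that the generator is deterministic from its seed.

```python
"""Added example: brute-forcing a time-seeded deal.

Constructed toy model of the incident described in the thread. The dealer
seeds a PRNG with its clock (whole seconds), shuffles a deck and deals. The
attacker knows their own two cards, the three flop cards and roughly when
the hand was dealt, so they try every seed in a window around that time and
keep the ones that reproduce what they saw. Python's random.Random
(Mersenne Twister) stands in for whatever generator the real site used.
"""
import random
import time

RANKS = "23456789TJQKA"
SUITS = "shdc"
DECK = [r + s for r in RANKS for s in SUITS]  # 52 cards, constructed in order

PLAYERS = 6
HOLE_CARDS = 2
BOARD_CARDS = 5


def deal(seed):
    """Deterministic deal from a PRNG seeded with `seed`.

    Returns (hands, board): hands[0] is the attacker's hand, board holds the
    five community cards (the flop is board[:3]).
    """
    rng = random.Random(seed)  # the weakness: the seed is just the dealer's clock
    deck = DECK[:]
    rng.shuffle(deck)
    hands = [deck[i * HOLE_CARDS:(i + 1) * HOLE_CARDS] for i in range(PLAYERS)]
    start = PLAYERS * HOLE_CARDS
    board = deck[start:start + BOARD_CARDS]
    return hands, board


def recover_seeds(my_hand, flop, approx_time, window):
    """Try every second in [approx_time - window, approx_time + window] and
    return the seeds whose deal reproduces the attacker's hand and the flop.

    Two hole cards alone give roughly 1/2652 odds per seed of a false match,
    which over a few thousand candidate seeds is likely to leave the answer
    ambiguous; requiring the three flop cards as well makes a false match
    vanishingly unlikely.
    """
    matches = []
    for seed in range(approx_time - window, approx_time + window + 1):
        hands, board = deal(seed)
        if hands[0] == my_hand and board[:3] == flop:
            matches.append(seed)
    return matches


def opponents_hands(seed):
    """Once the seed is known, every other player's cards fall out of the same deal."""
    hands, _ = deal(seed)
    return hands[1:]


if __name__ == "__main__":
    true_seed = int(time.time())  # what the dealer actually used
    hands, board = deal(true_seed)
    # The attacker's clock is off by a couple of minutes and they allow an
    # hour of slack either side: only 7201 candidate seeds to test.
    found = recover_seeds(hands[0], board[:3], true_seed + 137, 3600)
    print("candidate seeds:", found)
    for s in found:
        print("seed", s, "-> opponents' hands:", opponents_hands(s))
```

The search space here is a few thousand seeds and finishes instantly; even a millisecond-resolution 32-bit timestamp only raises it to a few billion deals, which is still a feasible offline search for an attacker who has seen one hand.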

