pirk-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joseph Witt (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PIRK-2) Enhance Pallier acquisition of PRNG provider
Date Sun, 17 Jul 2016 17:46:20 GMT

    [ https://issues.apache.org/jira/browse/PIRK-2?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15381432#comment-15381432

Joseph Witt commented on PIRK-2:

This looks like a good step forward.  Get the explicit provider reference removed so it will
use the default as Tim has done then also optionally allow it to be specific in those cases
where one wishes greater control in behavior (https://issues.apache.org/jira/browse/PIRK-8).
 I found this page to explain the thought process well https://www.cigital.com/blog/proper-use-of-javas-securerandom/
as it points out how these things can have interesting behavioral side effects that may be
desirable in different in situations.

> Enhance Pallier acquisition of PRNG provider
> --------------------------------------------
>                 Key: PIRK-2
>                 URL: https://issues.apache.org/jira/browse/PIRK-2
>             Project: PIRK
>          Issue Type: Bug
>            Reporter: Tim Ellison
>            Assignee: Tim Ellison
> {{org.apache.pirk.encryption.Pallier}} has a hard coded requirement for the {{NativePRNG}}
algorithm to be supplied by the {{SUN}} provider.  This causes the {{test.general.PaillierTest}}
to fail on IBM's Java implementation.
> The implementation should allow the provider to be configured by the java.security properties
of the runtime to allow for provider optimizations, etc.
> Furthermore, the instantiation of a provider is relatively (CPU) expensive, so reusing
the PRNG is preferable to acquiring it each time a value is required.

This message was sent by Atlassian JIRA

View raw message