On Aug 23, 2013, at 5:06 PM, Mike Duigou wrote:

> I would strongly recommend holding back on this change until someone familiar 
> with the crypto implications takes a look at it. Unfortunately neither the 
> random constructor nor probablePrime indicate any expectations regarding the 
> quality of random numbers needed from the offered PRNG.
> 
> - Changing a SecureRandom to a regular non-crypto PRNG causes alarm bells for 
> me. It also surprises me that a method named getSecureRandom() doesn't return 
> a SecureRandom instance! I am not sure to what extent the MillerRabin method 
> actually needs a secure random number generator.

It is still a SecureRandom():

    protected Random initialValue() {
        return new java.security.SecureRandom();
    }

> - I ran out of time looking but what public code path results in 
> getSecureRandom() being called? The public methods which take a Random don't 
> seem to allow it to be null.

isProbablePrime(int).

> Urging extreme caution,

Thanks for the comments.

Brian

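Added here as an illustration, not code from the JDK or from either poster: the thread-local SecureRandom holder quoted above, wired into a textbook Miller-Rabin test so the role of the supplied PRNG in witness selection is visible. Class and method names are assumptions.

```java
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.Random;
// Added example, not JDK code: the per-thread SecureRandom holder quoted above,
// feeding witness selection for a textbook Miller-Rabin test. Names are assumptions.
public class MillerRabinDemo {
    // Same shape as the quoted snippet: one SecureRandom per thread, no shared lock.
    private static final ThreadLocal<Random> threadRandom = new ThreadLocal<Random>() {
        @Override
        protected Random initialValue() {
            return new SecureRandom();
        }
    };

    static Random getSecureRandom() {
        return threadRandom.get();
    }
    /** False if n is proven composite; true if it survived all rounds. */
    static boolean isProbablePrime(BigInteger n, int rounds, Random rnd) {
        BigInteger two = BigInteger.valueOf(2);
        if (n.compareTo(two) < 0 || !n.testBit(0)) return n.equals(two);
        if (n.equals(BigInteger.valueOf(3))) return true;
        BigInteger nMinus1 = n.subtract(BigInteger.ONE);
        int s = nMinus1.getLowestSetBit();        // n - 1 = d * 2^s with d odd
        BigInteger d = nMinus1.shiftRight(s);
        for (int i = 0; i < rounds; i++) {
            // Witness a drawn uniformly from [2, n-2]; rnd decides how predictable it is.
            BigInteger a;
            do {
                a = new BigInteger(n.bitLength(), rnd);
            } while (a.compareTo(two) < 0 || a.compareTo(nMinus1) >= 0);
            BigInteger x = a.modPow(d, n);
            if (x.equals(BigInteger.ONE) || x.equals(nMinus1)) continue;
            boolean composite = true;
            for (int r = 1; r < s && composite; r++) {
                x = x.modPow(two, n);
                if (x.equals(nMinus1)) composite = false;
            }
            if (composite) return false;          // a is a witness of compositeness
        }
        return true;
    }

    public static void main(String[] args) {
        Random rnd = getSecureRandom();           // a SecureRandom, as in the quoted code
        System.out.println(isProbablePrime(new BigInteger("561"), 20, rnd));        // Carmichael number 3*11*17
        System.out.println(isProbablePrime(new BigInteger("2147483647"), 20, rnd)); // 2^31 - 1, a Mersenne prime
    }
}
```

561 passes the plain Fermat test for every base coprime to it, so it is a useful input for checking that the Miller-Rabin rounds, not just the exponentiation, are doing the work.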