Radomly Failed (RSA2013)

Christopher Meyer christopher.meyer at rub.de
Mon Mar 25 01:28:40 PDT 2013

Hi Bernd,
we already discussed the problems together with Brad during the JEP 123 
proposal conception. Most problems had already been adressed by his proposal 
or were already known. But nevertheless, thanks for highlighting :-)

Cheers from Bochum,

On Sunday 24 March 2013 20:43:38 Bernd Eckenfels wrote:
> Hallo,
> I am quite sure you received the paper directly, but nevertheless I want
> to be sure and point it out here on the list as well.
> http://www.scribd.com/doc/131955288/Randomly-Failed-The-State-of-Randomness-
> in-Current-Java-Implementations
> Kai Michaelis, Christopher Meyer and Jörg Schwenk  - Ruhr Uni Bochum
> Abstract: This paper investigates the Randomness of several Java Run-time
> Libraries by inspecting the integrated Pseudo Random NumberGenerators.
> Significant weaknesses in different libraries including An-droid, are
> uncovered.
> For the OpenJDK most of the critics was in regards of the size limited
> state pool for the SHA-1 generator. I guess the analysis of the entropy
> collector is not that relevant, and since SHA1PRNG is miving with native
> random on most platforms it is also not so critical. However when building
> a strong version for key generation the state space should be
> defined/observed in spec, I think?
> Greetings
> Bernd
> PS: found this Paper via Kris Köhntopp, I think it is from the
> Cryptography Track at RSA 2013 conference.


Dipl.-Ing. Christopher Meyer

Horst Görtz Institute for IT-Security 
Chair for Network and Data Security 
Ruhr-University Bochum, Germany

Universitätsstr. 150, ID 2/415
D-44801 Bochum, Germany
http:// www.nds.rub.de

Phone: (+49) (0)234 / 32 - 29815
Fax: (+49) (0)234 / 32 - 14347

More information about the security-dev mailing list