RFR: ChaCha20 and ChaCha20/Poly1305 Cipher implementations

Thomas Lußnig lussnig at suche.org
Mon Mar 26 22:43:15 UTC 2018


Hi,

this choice is even better than the current version. Because than the 
default system wide
secure random provider is used.

Gruß Thomas

On 3/27/2018 12:23 AM, Jamil Nimeh wrote:
>
> Another thought on #2: Another way we could go with this is to create 
> a new SecureRandom() or use JceSecurity.RANDOM when the random 
> parameter is null.  That would make init(op, key, random) and init(op, 
> key) behave the same when random is null.  You would always get a 
> random nonce in these two forms.  I may go that direction since 
> there's an established behavior for when no SecureRandom is provided 
> through Cipher.init(int, Key).
>
> --Jamil


More information about the security-dev mailing list