JDK-8003584 : Consider adding a more modern SecureRandom implementation
  • Type: New Feature
  • Component: security-libs
  • Sub-Component: java.security
  • Priority: P4
  • Status: Resolved
  • Resolution: Duplicate
  • Submitted: 2012-11-17
  • Updated: 2016-05-06
  • Resolved: 2016-05-06
Description
We have a variety of SecureRandom implementations:

    SHA1PRNG - based on a SHA1 MessageDigest
    NativePRNG - based on /dev/random,urandom
    Windows-PRNG - calls to Microsoft's MSCAPI
    PKCS11 - calls to underlying PKCS11 library

We might consider adding something more modern like:

    http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf

We should also have a look over 90B/C which are in draft state to see if there is anything we can do at our level.

    http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-90-B
    http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-90-C


Comments
800-90A was revised: see Revision 1 now. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf
13-01-2016

Yes. This is the same as JDK-8051408.
01-09-2015

Be sure to look at the new draft publications coming out from NIST, in light of the Dual EC DRBG issue. Currently: http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-90-A%20Rev%201%20B%20and%20C
27-09-2013