Hi
On 8/21/20 9:30 PM, Chris Muller wrote:
I didn't update the two in DSA key generators, though, because it looks like they're doing some stuff based on 160-bit math, and also maybe have a bug. Would you or someone mind taking a peek at:
DSAKeyPairGenerator>>#generate1024bitKeySet and DSAKeyPairGenerator>>#generateKeySet
These two methods are nearly identical, including what looks like a bug near the bottom, where it says:
x := self nextRandom160.
I imagine that's supposed to read:
x := random nextRandom160.
Yes, please include that change, so it will work! ;)
RandomGenerator doesn't have #nextRandom160, although we could add it, it seems like we should phase it out for nextBits: 160.
It seems nextBits: calls nextRandom160 to gain key material. Whatever you think is best, Chris.
K, r
What do you think?
- Chris
PS -- the remaining changes are committed to the Cryptography repository, review is very welcome if you have time.
I will make the time. I am in super-lazy mode, atm. Watching Star Trek Discovery.
On Fri, Aug 21, 2020 at 5:42 AM Robert Withers robert.withers@pm.me wrote:
+1 Sounds great to me, Chris! Great to see traffic! It looks like a change to Diffie Hellman and the RSA/DSA Keys, as far as ParrotTalk is concerned.
K, r
On 8/21/20 1:01 AM, Chris Muller wrote:
Hi all, I would like to make Fortuna the default secure random number generator in Squeak. I like using it because its implementation is so simple and utilizes another crypto primitive which I trust, a 256-bit AES cipher in counter (CTR) mode to generate the random stream.
If it interests you, please take a look at CryptographyRandom-cmm.14.mcz, and let me know your thoughts. I'll plan on committing the remaining senders in a few days.
- Chris
Name: CryptographyRandom-cmm.14 Author: cmm Time: 20 August 2020, 11:45:55.957918 pm UUID: 8fa45a8b-cbb5-43be-8367-adcf78503be2 Ancestors: CryptographyRandom-ul.13
- Introduce RandomGenerator class>>#newSecureRandom to allow
configuration of a preferred secure random number generator. To set this to SecureRandom, execute:
RandomGenerator picker: SecureRandom withGeneratedKey
otherwise, it will default to the Fortuna generator. Fortuna relies on 128-bit AES for its security, reducing security-sapping complexity.
- Re-bolster #unpredictableStringsDo:. Chasing Pharo compatibility
resulted in a too-significant cut to its security, with only time elements in there (which appear relatively easily brute-forcable). It utilizes the new primitive Random gatherEntropyInto: in combination with some of its original sources, in case the primitive fails or is compromised. _______________________________________________ Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
Cryptography mailing list Cryptography@lists.squeakfoundation.org http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography