Random values in DSA signature computation

Steve Burnett (burnettS@RSA.COM)
Fri, 31 Oct 1997 15:21:28 -0800

Message-Id: <6236E58EC451D1119E80006097040ED9013071@lobester.rsa.com>
From: Steve Burnett <burnettS@RSA.COM>
To: "'java-security@java.sun.com'" <java-security@web2.javasoft.com>
Subject: Random values in DSA signature computation
Date: Fri, 31 Oct 1997 15:21:28 -0800

I'm sorry if this question has been answered, but I have not seen it,
so ...

It used to be that java.security.Signature did not compute a separate
random value for each DSA signature (the value "k"). A couple people
from JavaSoft have told me this has been fixed.

I would like to know how the k value is computed. When I create a
Signature object, I never pass in a random number generator, so does the
Signature class (the SUN Provider version thereof) build a random number
generator? If so, what is its seed? Time of Day? Is it supposed to
produce a separate k for each signature? Or will it produce a separate k
only for different messages?

Thanks,

Steve Burnett
burnetts@rsa.com