Re: Weak keys

Jan Luehe (Jan.Luehe@Eng)
Fri, 9 Jan 1998 16:34:30 -0800 (PST)

Date: Fri, 9 Jan 1998 16:34:30 -0800 (PST)
From: Jan Luehe <Jan.Luehe@Eng>
Subject: Re: Weak keys
To: java-security@web1.javasoft.com, gelderen@mediaport.org

Jeroen:

> It might be a good idea to implement functions related to (semi-)weak keys.
>
> Allow for throwing exceptions when weak keys are detected/loaded. Allow for
> querying a key for it's (semi-)weakness (isWeak, WeakKeyException).
>
> Good idea? Or not? Comments appreciated...

Good idea!

We already have a method "isParityAdjusted" in javax.crypto.spec.DESKeySpec.
We could add a method "isWeak".

The DES key generator in our provider ("SunJCE") already ensures
that a generated key is not weak/semiweak.

Thanks,

Jan