Android's SecureRandom uses BouncyCastle prior to 4.2 and OpenSSL in 4.2+ ( http... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kllrnohj on Aug 11, 2013 \| parent \| context \| favorite \| on: Android RNG Weakness Renders Bitcoin Wallets Insec... Android's SecureRandom uses BouncyCastle prior to 4.2 and OpenSSL in 4.2+ ( http://android-developers.blogspot.com.au/2013/02/security-e... ) It'd be interesting to know what the bug is and if that bug affects Bouncy Castle and/or OpenSSL as well, or if Google screwed up the glue code somehow

sirk390 on Aug 12, 2013 [–]

This is the paper referenced in the bitcointalk thread: http://www.scribd.com/doc/131955288/Randomly-Failed-The-Stat.... See section 5.4 for Bouncy Castle: Weaknesses/Quality of Entropy Collectors.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact