nettle_mpz_random: Increased number of extra bits to 64, following FIPS 186-3.

author Niels Möller <nisse@lysator.liu.se>

Thu, 31 Jan 2013 20:04:06 +0000 (21:04 +0100)

committer Niels Möller <nisse@lysator.liu.se>

Thu, 31 Jan 2013 20:04:06 +0000 (21:04 +0100)
author Niels Möller <nisse@lysator.liu.se>
Thu, 31 Jan 2013 20:04:06 +0000 (21:04 +0100)
committer Niels Möller <nisse@lysator.liu.se>
Thu, 31 Jan 2013 20:04:06 +0000 (21:04 +0100)
diff --git a/ChangeLog b/ChangeLog

index 90e25e943f5ba796e0f672df57e19b76ad9d85dc..c08d7bcb004d75b5f3777e39e90c66b47920c80c 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2013-01-31  Niels Möller  <nisse@lysator.liu.se>
+
+       * bignum-random.c (nettle_mpz_random): Increased number of extra
+       bits to 64, following FIPS 186-3.
+
  2013-01-12  Niels Möller  <nisse@lysator.liu.se>
  
         * configure.ac: Use AC_LANG_SOURCE.
diff --git a/bignum-random.c b/bignum-random.c

index ab8c4f148e48289c9f159546c2f2af0c115ed07a..f305f0404d6696b6c7ded05ca9bcaf91aeefd9f6 100644 (file)
--- a/bignum-random.c
+++ b/bignum-random.c
@@ -75,11 +75,12 @@ nettle_mpz_random(mpz_t x,
     */
  
    /* Add a few bits extra, to decrease the bias from the final modulo
-   * operation. */
+   * operation. NIST FIPS 186-3 specifies 64 extra bits, for use with
+   * DSA. */
  
    nettle_mpz_random_size(x, 
                          ctx, random,
-                        mpz_sizeinbase(n, 2) + 16);
+                        mpz_sizeinbase(n, 2) + 64);
    
    mpz_fdiv_r(x, x, n);
  }
author	Niels Möller <nisse@lysator.liu.se>
	Thu, 31 Jan 2013 20:04:06 +0000 (21:04 +0100)
committer	Niels Möller <nisse@lysator.liu.se>
	Thu, 31 Jan 2013 20:04:06 +0000 (21:04 +0100)
ChangeLog		patch \| blob \| blame \| history
bignum-random.c		patch \| blob \| blame \| history