Commit 53f3a429 authored by Niels Möller

(bignum_random): Added a comment about biased numbers.

Rev: src/bignum.c:1.17
parent f7da2ffd
......@@ -238,6 +238,10 @@ bignum_random_size(mpz_t x, struct randomness *random, unsigned bits)
void
bignum_random(mpz_t x, struct randomness *random, mpz_t n)
{
/* FIXME: This leaves some bias, which may be bad for DSA. A better
* way might to generate a random number of mpz_sizeinbase(n, 2)
* bits, and loop until one smaller than n is found. */
/* Add a few bits extra, to decrease the bias from the final modulo
* operation. */
bignum_random_size(x, random, mpz_sizeinbase(n, 2) + 10);
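Review bot: the `+ 10` in `bignum_random_size(x, random, mpz_sizeinbase(n, 2) + 10);` only reduces the bias of the final modulo reduction, it does not remove it, and the new FIXME itself says the remaining bias "may be bad for DSA". Since the comment already spells out the unbiased alternative (draw `mpz_sizeinbase(n, 2)` bits and loop until the result is below n), consider implementing that rejection loop in this function rather than leaving it as a FIXME, so callers that use `bignum_random` for DSA secrets are not depending on a generator the code documents as biased. Minor wording point in the added comment: "A better way might to generate" should read "A better way might be to generate".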