On Tue, Dec 8, 2015 at 5:36 AM, Naval Saini <navalno...@gmail.com> wrote: > I am facing a confusion/problem regarding DSA encryption on Android (the > plain text is not same as the decrypted cipher text).
DSA is a signature scheme, not an encryption scheme. Just bike shedding, but I'd be very careful about using DSA on a low entropy device. DSA is very sensitive to the selection of 'k', so you need to be sure you its truly random. Android's PRNG startup code often leaves a lot to be desired. See, for example, https://code.google.com/p/android-source-browsing/source/browse/services/java/com/android/server/EntropyService.java?spec=svn.platform--frameworks--base.b8cba95ffd4d9be0edace7a9eb42286e668ef3e3&repo=platform--frameworks--base&name=b8cba95f&r=b8cba95ffd4d9be0edace7a9eb42286e668ef3e3 . You may want to sample some sensors, digest it and then feed it to your PRNG before you perform a signing operation. Jeff -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
