000017105 - RKM Java Client: Cryptographic operations are slow

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000017105
Applies ToRKM Java Client 2.7 SP1 and later
IssueRKM Java Client: Cryptographic operations are slow
RKM Java Client: Cryptographic operations are slow
ResolutionSet the following in the RKM Java Client properties file:

#------------------------------------------------------------
# DRBG Properties
#------------------------------------------------------------

# The algorithm to use when generating random bytes for use with Initialization Vectors.
# The default is ECDRBG128.
#secure_random.iv=ECDRBG128
secure_random.iv=HMACDRBG

# The algorithm to use when generating random bytes for use with cryptographic functions other than Initialization Vectors.
# The default is ECDRBG128.
#secure_random.general=ECDRBG128
secure_random.general=HMACDRBG


These algorithms are used by the underlying cryptography product, RSA BSAFE Crypto-J.  The default value "ECDRBG128" (Dual_EC_DRBG) offers good security based on a hard problem in number theory, but does cause performance problems for some systems. See NIST SP 800-90A for more information about DRBG Mechanisms.
NotesSee also the Crypto-J Troubleshooting Guide, included beginning in Crypto-J 5.0.
Legacy Article IDa60594

Attachments

    Outcomes