crypto: remove slight bias in key generation due to modulo

author: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2018-07-04 22:17:20 +0100
committer: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2018-07-05 09:18:01 +0100
commit: 61caab8a8c8a4e4239216c861c4d1eba5bcfd76e (patch)
tree: be26e7581f6fecdbb62fbcf7b661bb8ac0ba254b /src/ringct/rctOps.cpp
parent: Merge pull request #4094 (diff)
download: monero-61caab8a8c8a4e4239216c861c4d1eba5bcfd76e.tar.xz
1 files changed, 4 insertions, 6 deletions
diff --git a/src/ringct/rctOps.cpp b/src/ringct/rctOps.cpp
index 68cc43128..50693bad7 100644
--- a/src/ringct/rctOps.cpp
+++ b/src/ringct/rctOps.cpp
@@ -62,14 +62,13 @@ namespace rct {
 
     //generates a random scalar which can be used as a secret key or mask
     void skGen(key &sk) {
-        sk = crypto::rand<key>();
-        sc_reduce32(sk.bytes);
+        random32_unbiased(sk.bytes);
     }
 
     //generates a random scalar which can be used as a secret key or mask
     key skGen() {
-        key sk = crypto::rand<key>();
-        sc_reduce32(sk.bytes);
+        key sk;
+        skGen(sk);
         return sk;
     }
 
@@ -79,9 +78,8 @@ namespace rct {
         CHECK_AND_ASSERT_THROW_MES(rows > 0, "0 keys requested");
         keyV rv(rows);
         size_t i = 0;
-        crypto::rand(rows * sizeof(key), (uint8_t*)&rv[0]);
         for (i = 0 ; i < rows ; i++) {
-            sc_reduce32(rv[i].bytes);
+            skGen(rv[i]);
         }
         return rv;
     }
author	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2018-07-04 22:17:20 +0100
committer	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2018-07-05 09:18:01 +0100
commit	61caab8a8c8a4e4239216c861c4d1eba5bcfd76e (patch)
tree	be26e7581f6fecdbb62fbcf7b661bb8ac0ba254b /src/ringct/rctOps.cpp
parent	Merge pull request #4094 (diff)
download	monero-61caab8a8c8a4e4239216c861c4d1eba5bcfd76e.tar.xz