Performance of /dev/urandom and /dev/random
Sannu K
sannumail4foss at gmail.com
Fri Sep 28 04:54:22 EDT 2012
On Fri, Sep 28, 2012 at 5:14 AM, DG <dangets at gmail.com> wrote:
> On Thu, Sep 27, 2012 at 5:09 PM, Mihir Pandya <mihir.m.pandya at gmail.com> wrote:
>> Hey guys,
>>
>> I'm interested to know why generating cryptographically secure random
>> numbers takes so long, particularly in my case. I have two Java classes that
>> are generating a million random numbers. One is generating random numbers
>> regularly while the other is using SecureRandom to generate the numbers. The
>> SecureRandom method is taking almost double the time and I realised that
>> it's because the method reads from /dev/urandom (not sure which) and obtains
>> its random numbers from the entropy pool there.
>>
>> I wanted to know where I can read about the exact mechanism used to generate
>> the cryptographically secure random numbers through SecureRandom and if
>> there is any way to make it faster.
>>
>> --
>> Mihir Pandya
>>
>
> From 'man urandom'
>
> When read, the /dev/random device will only return random bytes
> within the estimated number of bits of noise in the entropy pool.
> /dev/random should be suitable for uses
> that need very high quality randomness such as one-time pad or
> key generation. When the entropy pool is empty, reads from
> /dev/random will block until additional envi‐
> ronmental noise is gathered.
>
> A read from the /dev/urandom device will not block waiting for
> more entropy. As a result, if there is not sufficient entropy in the
> entropy pool, the returned values are
> theoretically vulnerable to a cryptographic attack on the
> algorithms used by the driver. Knowledge of how to do this is not
> available in the current unclassified litera‐
> ture, but it is theoretically possible that such an attack may
> exist. If this is a concern in your application, use /dev/random
> instead.
>
> Now I *believe* the entropy pool is filled by IO events - network
> activity, disk access, keyboard pounding, etc... I'm sure there is
> more documentation somewhere online as to the specifics.
>
> Hope that helps,
> Danny G
>
> _______________________________________________
> Kernelnewbies mailing list
> Kernelnewbies at kernelnewbies.org
> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
The entropy pool is filled by IO events as mentioned previously. The
random data is taken from various devices connected to the system.
/dev/urandom uses the device's randomness. So urandom will take more
time than /dev/random.
Hope this helps,
Prasanna Kumar T S M
More information about the Kernelnewbies
mailing list