About Java random numbers

Java offers two types of random number generators

1. Pseudo-random number generator

The pseudo-random number generator uses a specific algorithm to convert a random number seed seed into a series of pseudo-random numbers. The pseudo-random number depends on the value of the seed, and the same seed value is always generated with the same random number. The pseudo-random number generation process relies solely on the CPU and does not rely on any external devices, generating faster and not blocking.

The pseudo-random number generator provided by Java has the Java.util.Random class and the Java.util.concurrent.ThreadLocalRandom class.

The random class uses the Atomiclong implementation to ensure thread-safe multithreading, but as noted on this class of annotations, the performance of multiple threads concurrently obtaining random numbers is poor.

Threadlocalrandom can be used as a random number generator in a multithreaded environment, Threadlocalrandom uses thread-local variables to improve performance so that a long rather than a atomiclong can be used, in addition, Threadlocalrandom also makes byte padding to avoid pseudo-sharing.

2. Strong random number generator

A strong random number generator relies on random events provided at the bottom of the operating system. The strong random number generator has a slow initialization and generation speed, and because of the need for a certain entropy accumulation to generate a sufficient number of random numbers, it can cause blocking. Entropy accumulation usually originates from multiple random event sources, such as the time interval of tapping the keyboard, the distance and interval of moving the mouse, the interval of specific interrupts, etc. Therefore, it is only used when it is necessary to generate cryptographically strong random data.

Java provides a strong random number generator is the Java.security.SecureRandom class, which is also a thread-safe class, using the Synchronize method to ensure thread safety, but the JDK does not make a commitment to change the securerandom thread security in the future. Therefore, as with random, there may be performance problems in high-concurrency multithreaded environments.

In the implementation of Linux,/dev/random and/dev/urandom can be used as random event sources. Because the/dev/random is blocked, when the random number is read, when the entropy pool value is empty when the effect of blocking the performance, especially when the system large concurrent generation of random numbers, if the random number is not high, you can read the/dev/urandom to avoid blocking, by setting the parameters

-djava.security.egd=file:/dev/urandom

However, because of a bug in the JDK, you actually need to specify this value

-djava.security.egd=file:/dev/./urandom

The reason is that in Sun.security.provider.SunEntries class, Seedsource reads the system parameter JAVA.SECURITY.EGD, and if the value is empty, read the parameters in the java.security configuration file Securerandom.source , in the usual case, is to read the parameter Securerandom.source, the default value is/dev/urandom.

sun.security.provider.seedgeneratorfinal static string url_dev_random =  Sunentries.url_dev_random;final static string url_dev_urandom = sunentries.url_dev_ urandom;    if  (Egdsource.equals (url_dev_random)  | |  egdsource.equals (url_dev_urandom))  {    try {         instance = new nativeseedgenerator ();         if  (debug != null)  {             debug.println ("Using operating system seed generator");         }    } catch  (Ioexception e)  {        if  (debug != null)  {             debug.println ("Failed to use operating system seed  "                           +   "generator: "  + e.tostring ());        }     }} else if  (Egdsource.length ()  != 0)  {     Try {        instance = new urlseedgenerator ( Egdsource);        if  (debug != null)  {             debug.println ("Using URL seed  generator reading from  "                           +  Egdsource);         }    } catch  (ioexception e)  {         if  (debug != null)              debug.println ("Failed to create seed generator with   "                           + egdSource +  ": "  +  E.tostring ());     }}

You can see in the code that Nativeseedgenerator is enabled when the configuration value is File:/dev/random or file:/dev/urandom, and the implementation of the Nativeseedgenerator class under Linux is like this

Class Nativeseedgenerator extends Seedgenerator.urlseedgenerator {nativeseedgenerator () throws IOException {su    Per (); }}

The default construction method for Urlseedgenerator is

Urlseedgenerator () throws IOException {this (seedgenerator.url_dev_random);}

In other words, even if the-djava.security.egd=file:/dev/urandom is set, the final result is read File:/dev/random, the solution is to use a variety of Linux path notation, that is, the use of file:/dev/. /urandom to get around this problem.

About Java random numbers