Initializing Secure Random (Reprise)

roger riggs roger.riggs at oracle.com
Wed Nov 26 14:50:24 UTC 2014 

Hi Peter,

Thanks for the update, I'm just getting up to speed on this and had help 
correcting
the bug description and linking to the history from the earlier 
discussions in June.

The static initializations of SecureRandom contribute to the large 
number of classes
loaded even for the trivial program so it may be useful to delay them so
the most trivial default use of SecureRandom does not load them immediately.

Roger


On 11/25/2014 6:37 PM, Peter Levart wrote:
> Hi Roger,
>
> I see the 8060435 bug already talks about that possible solution too.
>
> I agree with Paul that a public static method on SecureRandom would be 
> better for JDK9. Or maybe even some new class in java.util, which 
> would implement just the interface to native /dev/urandom on Unixes 
> and MSCAPI on Windows (without any SHA1 mixing or such) and make java 
> security SeedGenerator depend on that rather than the other way around 
> (where TLR/SplittableRandom depend on java security). I think this is 
> better from modularization standpoint too.
>
> In case of a new java.util class (what about a method on 
> java.lang.System?) the code (together with native part on Windows) 
> could just be copied from (Native)SeedGenerator where it is already 
> tried and tested. Then NativeSeedGenerator would just become a facade 
> for invoking java.util/java.lang.System method.
>
> Regards, Peter
>
> On 11/26/2014 12:15 AM, Peter Levart wrote:
>>
>> On 11/24/2014 09:46 PM, roger riggs wrote:
>>> Hi,
>>>
>>> This topic has languished for a bit and could use a bit of expertise 
>>> from
>>> Windows developers.
>>>
>>> The improvements in entropy for initializing Secure Random in JDK 8 
>>> have
>>> some negative attributes that affect maintainability, robustness and 
>>> performance[1].
>>> The dependency on networking, can in some OS's and configurations lead
>>> to increased startup times and issues with bootstrapping the Java 
>>> runtime.
>>>
>>> Martin has proposed[2] an alternative for Linux based on /dev/urandom
>>> with a fallback to a simpler algorithm if /dev/urandom is not 
>>> available.
>>>
>>> Since /dev/urandom is not native to Windows, it seems prudent to 
>>> identify
>>> a corresponding source of entropy data.
>>>
>>> What are the recommended ways on Windows to get seeds for random?
>>> Please suggest one or more ways to initialize SecureRandom
>>
>> Hi Roger,
>>
>> Do you mean SecureRandom or ThreadLocalRandom/SplittbleRandom, since 
>> the 8060435 talks about the later two ?
>>
>> As Bernd identified, the Windows equivalent to /dev/urandom is MSCAPI.
>>
>> 5 months ago I made an attempt to expose a part of contained internal 
>> java security API to get access to /dev/urandom based and MSCAPI 
>> based seed generators. Here's the thread with the discussion:
>>
>> http://mail.openjdk.java.net/pipermail/core-libs-dev/2014-June/027256.html
>>
>> The minimal patch was the following:
>>
>> http://cr.openjdk.java.net/~plevart/jdk9-dev/TLR_SR_SeedGenerator/webrev.01/
>>
>> Regards, Peter
>>
>>>
>>> Thanks, Roger
>>>
>>> p.s. Sorry to be covering old ground but I don't have all the context.
>>>
>>>
>>> [1] 8060435  SecureRandom initialization latency on Windows
>>> https://bugs.openjdk.java.net/browse/JDK-8060435
>>>
>>> [2] 
>>> http://cr.openjdk.java.net/~martin/webrevs/openjdk9/ThreadLocalRandom-system-entropy/
>>
>

More information about the core-libs-dev mailing list