D
Daniel Dyer
Daniel Dyer wrote
If I remember correctly, the SecureRandom potentially uses a lot of time
during initialization to "collect entropi". Can you possibly state
whether or not generator initialization is included in the factor 8 you
mention above?
That's a good point and something I should have considered. My benchmark
does not include the time taken to instantiate the SecureRandom object,
but I guess it's possible that the entropy gathering is deferred until the
first request is made (I haven't looked at the SecureRandom source). I'll
try it again later but make a few requests before I start timing and see
what the difference is. The benchmark generates 1 million random ints, 1
million random doubles and 1 million Gaussians. For SecureRandom it takes
less than 4 seconds under Windows and about 30 seconds under Linux on my
laptop. If the SecureRandom is getting its entropy from /dev/random it
shouldn't take 26 seconds. My guess, and that's all it is, is that it
something to do with the SHA-1 implementation in the Linux version of
JCE. I have written an RNG that uses the AES block cipher and seeds
itself from /dev/random and it completes the benchmark in under 2 seconds
under Linux.
Dan.