[jcifs] SecureRandom.nextBytes Takes Too Long

eglass1 at comcast.net eglass1 at comcast.net
Thu Sep 11 18:25:01 EST 2003

> The random.nextBytes(clientChallenge) calls in the NPA constructors kill
> my CPU and takes almost 10 seconds to run. This make program startup
> pretty painful. Any ideas?

Try changing java.security.SecureRandom to just plain old java.util.Random; it
is an order of magnitude faster (a cryptographically strong PRNG is probably
not a requirement for us anyways).

It is kind of strange that it takes *that* long though -- I can run the
following in about 1 second (not counting the 2 second sleep):

public class test {

    public static void main(String[] args) throws Exception {
        byte[] dest = new byte[8];
        java.util.Random sec = new java.security.SecureRandom();
        Thread.sleep(2000); // sleep a bit to get into a steady state
        long start = System.currentTimeMillis();
        for (int i = 0; i < 300000; i++) sec.nextBytes(dest);
        System.out.println(System.currentTimeMillis() - start);


Changing SecureRandom to Random cuts that down to ~100ms.

Anyways, see if that helps; otherwise, there may be something else going on
here that would warrant some investigation.


More information about the jcifs mailing list