Java, SecureRandom and /dev/random gotchas

After running flawlessly for several months, a Java server application we're using in SpamDrain started to lock up very frequently. A thread dump taken during such a lock-up showed that all the handler threads were stuck inside a call to java.security.SecureRandom.nextInt(). Reading the source code of the SHA1PRNG SecureRandom implementation, I found that under Linux it seeds itself from /dev/random, which blocks whenever the kernel's entropy pool runs low. That was the cause of the lock-ups.
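The following is an added example, not code from the original post or from SpamDrain, that makes the blocking visible and shows the two knobs that control it. It reports which entropy source the JVM is configured to use (the securerandom.source Security property and the java.security.egd system property, which overrides it) and then times the first nextInt() on a freshly created instance of each of the common Linux algorithms, since that first call is what triggers self-seeding. Algorithm names, property names and the class name SecureRandomSeedCheck are as used here; NativePRNG and NativePRNGNonBlocking are assumed to be present, which is the case on Linux JDKs from 8 onward.

```java
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;

/**
 * Added diagnostic, not part of the original post: shows which entropy
 * source the JVM will seed from and how long the first nextInt() on a
 * fresh SecureRandom takes for each algorithm.
 */
public class SecureRandomSeedCheck {

    /** Time (ms) of the first nextInt() on a new instance; this is the call that self-seeds. */
    static long firstCallMillis(String algorithm) throws NoSuchAlgorithmException {
        SecureRandom sr = SecureRandom.getInstance(algorithm);
        long start = System.nanoTime();
        sr.nextInt(); // SHA1PRNG and NativePRNG read their seed here, not in getInstance()
        return (System.nanoTime() - start) / 1_000_000L;
    }

    public static void main(String[] args) {
        // java.security.egd (system property) takes precedence over
        // securerandom.source in $JAVA_HOME/conf/security/java.security.
        System.out.println("securerandom.source = " + Security.getProperty("securerandom.source"));
        System.out.println("java.security.egd   = " + System.getProperty("java.security.egd"));

        String[] algorithms = { "SHA1PRNG", "NativePRNG", "NativePRNGNonBlocking" };
        for (String alg : algorithms) {
            try {
                System.out.printf("%-22s first nextInt(): %d ms%n", alg, firstCallMillis(alg));
            } catch (NoSuchAlgorithmException e) {
                System.out.printf("%-22s not available on this platform%n", alg);
            }
        }
    }
}
```

Run it twice on a Linux host with a starved entropy pool (a freshly booted VM with an older kernel is the classic case): once as-is, and once with `-Djava.security.egd=file:/dev/./urandom`. The first run stalls on SHA1PRNG and NativePRNG until the kernel has gathered enough entropy; the second does not, because seeding then comes from /dev/urandom. The odd `/dev/./urandom` spelling matters on older JDKs, where the literal string `file:/dev/urandom` was special-cased and still read from /dev/random. `NativePRNGNonBlocking` is the per-instance alternative to a JVM-wide property. Two caveats: every new SHA1PRNG instance reads its own seed, so creating a SecureRandom per request multiplies the drain on the pool, and on Linux kernels from 5.6 onward /dev/random no longer blocks once the pool has been initialised, so the stall will not reproduce there.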

