java - Tomcat 启动时间太长 - Java SecureRandom

Question

请不要将其标记为重复。这是这两个问题的后续问题。

• Tomcat7 starts too late on Ubuntu 14.04 x64 [Digitalocean]
• https://stackoverflow.com/a/2325109/6785908

我明白了，替换

securerandom.source=file:/dev/urandom

与

securerandom.source=file:/dev/./urandom

在 $JAVA_PATH/jre/lib/security/java.security 中将解决这个问题。

我的问题是，在生产中这样做可以吗？这会对安全性产生任何影响吗(比如 Session ID 变得可预测)？如果这不太安全，是否有任何其他方法可以更快地提供足够的熵？

更新

我使用 openstack 进行部署(或者说，使用 AWS 或 GCP 或任何其他云提供商)。因此，添加声卡等硬件设备对我来说不是一个选择。

Answer 1

在使用正确的搜索词进行大量谷歌搜索后，我在 DigitalOcean 上看到了这篇不错的文章.我只是在这里引用相关部分。

There are two general random devices on Linux: /dev/random and /dev/urandom. The best randomness comes from /dev/random, since it's a blocking device, and will wait until sufficient entropy is available to continue providing output. Assuming your entropy is sufficient, you should see the same quality of randomness from /dev/urandom; however, since it's a non-blocking device, it will continue producing “random” data, even when the entropy pool runs out. This can result in lower quality random data, as repeats of previous data are much more likely. Lots of bad things can happen when the available entropy runs low on a production server, especially when this server performs cryptographic functions.

因此，这是一个潜在的安全风险。

填充熵池的解决方案

Linux already gets very good quality random data from the different hardware sources, but since a headless machine usually has no keyboard or mouse, there is much less entropy generated. Disk and network I/O represent the majority of entropy generation sources for these machines, and these produce very sparse amounts of entropy. Since very few headless machines like servers or cloud servers/virtual machines have any sort of dedicated hardware RNG solution available, there exist several userland solutions to generate additional entropy using hardware interrupts from devices that are “noisier” than hard disks, like video cards, sound cards, etc. This once again proves to be an issue for servers unfortunately, as they do not commonly contain either one

解决方案:haveged

Based on the HAVEGE principle, and previously based on its associated library, haveged allows generating randomness based on variations in code execution time on a processor. Since it's nearly impossible for one piece of code to take the same exact time to execute, even in the same environment on the same hardware, the timing of running a single or multiple programs should be suitable to seed a random source. The haveged implementation seeds your system's random source (usually /dev/random) using differences in your processor's time stamp counter (TSC) after executing a loop repeatedly

如何安装haveged

按照本文中的步骤操作。 https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged