The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The generator also keeps an estimate of the number of bits of noise in the entropy pool. From this entropy pool random numbers are created.

When read, the /dev/random device will only return random bytes within the estimated number of bits of noise in the entropy pool. /dev/random should be suitable for uses that need very high quality randomness such as one-time pad or key generation. When the entropy pool is empty, reads from /dev/random will block until additional environmental noise is gathered.

A read from the /dev/urandom device will not block waiting for more entropy. It will read an initial seed of sufficient length from /dev/random, then use a PRNG. It may block initially (just after system boot) but once it has gathered enough entropy, it never blocks. This provides the level of randomness needed by most cryptographic protocols

/dev/random and /dev/urandom performance can be verified by using a simple Java program.

)1. Compile the following program A.java on a Linux box.

import java.security.SecureRandom;

public class A {

    public static void main(String[] args) {

        SecureRandom sr = new SecureRandom();

        int out = 0;

        System.out.println("Starting " + new java.util.Date().toLocaleString());

        for (int i = 0; i <5000000 ; i++) {

            out ^= sr.nextInt();

        }

        System.out.println("Finished " + new java.util.Date().toLocaleString());

        System.out.println(out);

            try{

            Thread.sleep(2000);

            }catch(Exception e)

        {

                e.printStackTrace();

        }

    }

}

2). After compilation, run the program as follows: 

./java A

Check the reference to random. 

lsof | grep random | grep java

[root@1pasprh66temp bin]# lsof | grep random | grep java

java      18617      root    5r      CHR                1,8      0t0       3809 /dev/random

java      18617      root    6r      CHR                1,9      0t0       3810 /dev/urandom

3). Run the same by changing the random.

./java -Djava.security.egd=file:/dev/./urandom A

[root@1pasprh66temp bin]# lsof | grep random | grep java

java      32108      root    5r      CHR                1,8      0t0       3809 /dev/random

java      32108      root    6r      CHR                1,9      0t0       3810 /dev/urandom

java      32108      root    7r      CHR                1,9      0t0       3810 /dev/urandom

The second urandom is created for the application to get its random seeds.The above steps will make sure that the urandom is working as expected.

From the program output, /dev/random and /dev/urandom performance can be compared. 

[root@1pasprh66temp bin]# ./java A

Starting Oct 15, 2015 1:46:33 PM

Finished Oct 15, 2015 1:46:38 PM

964753756

[root@1pasprh66temp bin]# ./java -Djava.security.egd=file:/dev/./urandom A

Starting Oct 15, 2015 1:46:44 PM

Finished Oct 15, 2015 1:46:45 PM

-1964932361