
Re: [FWP] Shufflebug

2000-07-18-15:19:15 Amir Karger:
> The only question I would have is if there's some magical way to
> generate more randomness than the 2^32 you get from rand, without
> requiring Math::TrulyRandom.

It's useful here to sort out two seriously distinct concepts.

rand() doesn't give you randomness, in the crypto sense of
hard-to-guess bits. And when you talk about trying to be able
to seed a random number generator to be able to hit all the
2**225 or whatever distinct decks possible, that's a need for 225
or thereabouts hard-to-guess bits. All rand does is take some
randomness you give it (with srand) and try to use that to seed the
start of a pseudo-random number sequence, which it mathematically
generates and returns one value at a time.

If you don't call srand yourself, it does jiggery-pokery with time
and pid and whatnot; in recent versions it tries /dev/urandom if you
have one, so you can often get good seeds by default. But still only
32 bits or so of seed per eaches. If you have a /dev/urandom, then
it could be that you could get really 100% perfectly honest
shuffles with something as simple as

	# 225/32 is about 7.03, so this runs eight rounds; each srand pulls
	# a fresh seed (from /dev/urandom where available) before shuffling.
	for (my $i = 0; $i < (225/32); $i++) {
		srand; shuffle;
	}

although /dev/urandom may not be a great choice to use this way,
since if it runs out of entropy it'll just be stirring its pot. On
the other hand, it's got a big pot, and /dev/random can get pretty
slow if you manage to empty it. Math::TrulyRandom tries to use
the same sort of tricks as /dev/random; it's an alternative if
/dev/random isn't available. Crypt::Random is just a nice friendly
interface to /dev/random --- and it can be redirected to
/dev/urandom.

-Bennett
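Added example, not part of Bennett's post and written in Python rather than Perl so it runs as-is: it makes the seed-space argument concrete. log2(52!) is the number of hard-to-guess bits a full deck needs; a generator seeded with only 32 bits can reach at most 2**32 of the 52! orderings no matter how good the generator is, which the scaled-down reachable_decks() shows by enumerating every seed for a small deck. reseeded_shuffle() is the loop from the post (fresh seed per round), and os_shuffle() is the alternative of taking every choice from the OS pool. Function names, the 6-card deck and the 8-bit seed space are my own constructed parameters; Python's random.Random stands in for Perl's rand.

```python
import math
import random
import secrets


def permutation_bits(n):
    """Bits of entropy needed to pick one of n! orderings uniformly: log2(n!)."""
    # lgamma(n + 1) == ln(n!), so this avoids building the huge integer 52!
    return math.lgamma(n + 1) / math.log(2)


def fisher_yates(deck, rng):
    """Return a shuffled copy using the Fisher-Yates swap, driven by rng.randrange.

    rng only needs a randrange(k) method, so it can be a seeded
    random.Random (PRNG) or secrets.SystemRandom (OS entropy pool).
    """
    deck = list(deck)
    for i in range(len(deck) - 1, 0, -1):
        j = rng.randrange(i + 1)  # uniform over 0..i, so no modulo bias
        deck[i], deck[j] = deck[j], deck[i]
    return deck


def reachable_decks(deck, seed_bits):
    """Count the distinct orderings a PRNG seeded with seed_bits bits can produce.

    Constructed scaled-down demonstration: enumerate every possible seed.
    The answer can never exceed 2**seed_bits, however many orderings exist.
    """
    seen = set()
    for seed in range(1 << seed_bits):
        seen.add(tuple(fisher_yates(deck, random.Random(seed))))
    return len(seen)


def reseeded_shuffle(deck, rounds, seed_bits=32):
    """The post's loop: reseed from the OS pool before each of `rounds` shuffles.

    Each round contributes at most seed_bits fresh bits, so about
    ceil(permutation_bits(52) / 32) == 8 rounds are needed for a full deck.
    """
    for _ in range(rounds):
        seed = secrets.randbits(seed_bits)  # reads the OS entropy pool
        deck = fisher_yates(deck, random.Random(seed))
    return deck


def os_shuffle(deck):
    """Take every swap index from the OS pool instead of seeding a PRNG at all."""
    return fisher_yates(deck, secrets.SystemRandom())


def rounds_needed(n, seed_bits=32):
    """How many seed_bits-bit seeds it takes to cover log2(n!) bits."""
    return math.ceil(permutation_bits(n) / seed_bits)


if __name__ == "__main__":
    print("bits for a 52-card deck: %.2f" % permutation_bits(52))
    print("32-bit reseeds needed:", rounds_needed(52))
    small = list(range(6))  # 6! == 720 orderings
    print("orderings reachable from 8-bit seeds:", reachable_decks(small, 8), "of 720")
    print("os_shuffle:", os_shuffle(list(range(52)))[:8], "...")
```

Running it shows the 52-card deck needs about 225.6 bits and that 256 seeds can reach at most 256 of the 720 orderings of even a 6-card deck; the same cap, 2**32 of 52!, applies to a single srand. Whether the reseeded loop or os_shuffle() actually delivers those bits still depends on the quality of what /dev/urandom hands back, which is exactly the caveat in the post.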
