hap.random: a new random number library for D

Chris Cain via Digitalmars-d-announce digitalmars-d-announce at puremagic.com
Thu Jun 12 01:49:43 PDT 2014


On Wednesday, 11 June 2014 at 06:41:34 UTC, Joseph Rushton 
Wakeling wrote:
>> Done :) ... if I get a response, I'll make sure to incorporate 
>> everything said.
>
> Great, let me know how that goes. :-)

Well, the ultimate conclusion of the conversation with the guy is 
that:
1. ISAAC probably isn't cryptographically secure. Despite not 
having found any attacks, it just isn't proof of security. It's 
not been looked at enough to really approve of its usage for that 
purpose (I'm kind of agreeing with this)

2. ISAAC in his opinion probably isn't appropriate for non-secure 
uses for much the same reason.

I don't agree with that because everything I've seen for ISAAC 
shows that it has some really good statistical properties. Even 
if it's not cryptographically secure, it appears to produce 
"better" pseudorandom numbers to me than something like MT19937 
or Well* (and ISAAC is really fast after the initial cost has 
been paid back)

Ultimately, I think ISAAC (and ISAAC-64) _will_ get more scrutiny 
in the future as it's a PRNG used in Rust, for instance. I would 
not suggest it for default purposes, but I think having it as a 
non-crypto RNG in D wouldn't be a bad idea for those who want to 
choose to use it.

3. Better ideas for crypto PRNGs are AES-CTR or Salsa20.

I agree with this approach for the crypto section of std.random. 
I'd also suggest Blum Blum Shub as another thing to add. It's 
awfully slow, but it's probably one of the few PRNGs that is 
"provably strong" (that is, it's been reduced to a known hard 
problem).

Also, he suggested that I refer to a presentation he made last 
year: http://aumasson.jp/data/talks/randomness_hackepfl13.pdf

I've gone through it and it looks like excellent reference 
material. Note slide 76 saying: "Don't use RaaS (things like 
random.org) -> random bits may be shared or reused". Also, it has 
suggestions for entropy on Windows (CryptGenRandom) which is 
something that will be necessary as well.

Overall, very enlightening.


More information about the Digitalmars-d-announce mailing list
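The post describes Blum Blum Shub as "provably strong" (its security reduces to the quadratic residuosity problem) but awfully slow. The following is an added Python example, not code from hap.random, from the post, or from its author, showing the construction end to end: x_{i+1} = x_i^2 mod M with M = p*q, p and q both congruent to 3 mod 4, and only O(log log M) low-order bits taken per squaring. The Miller-Rabin round count, the default modulus size, and the toy parameters p=11, q=23, seed=3 used in the deterministic check are all assumptions chosen for illustration.

```python
"""Blum Blum Shub (BBS) pseudorandom generator, illustrative implementation.

Added example (not from hap.random or the original post). Shows why BBS is
"provably strong" yet slow: every group of log2(log2(M)) output bits costs
one modular squaring of an M-sized integer, whereas AES-CTR or Salsa20
produce 128 or 512 bits per primitive call.
"""
import math
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test with random bases (rounds=32 is an assumption)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:          # write n-1 = d * 2^r with d odd
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2      # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False       # composite witness found
    return True


def random_blum_prime(bits: int) -> int:
    """Random prime of the requested size that is congruent to 3 mod 4."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 3  # top bit set, cand = 3 mod 4
        if is_probable_prime(cand):
            return cand


class BlumBlumShub:
    """x_{i+1} = x_i^2 mod M; emits the low bits_per_step bits of each state."""

    def __init__(self, p: int, q: int, seed: int, bits_per_step: int = 1):
        if p % 4 != 3 or q % 4 != 3:
            raise ValueError("p and q must both be congruent to 3 mod 4 (Blum primes)")
        self.M = p * q
        if not 1 < seed < self.M or math.gcd(seed, self.M) != 1:
            raise ValueError("seed must be in (1, M) and coprime to M")
        # Security argument only covers about log2(log2(M)) bits per squaring.
        max_bits = max(1, int(math.log2(math.log2(self.M))))
        if not 1 <= bits_per_step <= max_bits:
            raise ValueError(f"bits_per_step must be in [1, {max_bits}] for this modulus")
        self.bits_per_step = bits_per_step
        self.mask = (1 << bits_per_step) - 1
        self.x = seed * seed % self.M          # x_0 = seed^2 mod M

    def step(self) -> int:
        """One modular squaring; returns the low bits_per_step bits of the new state."""
        self.x = self.x * self.x % self.M
        return self.x & self.mask

    def bits(self, n: int) -> list:
        """Next n output bits, least-significant bit of each chunk first."""
        out = []
        while len(out) < n:
            chunk = self.step()
            for i in range(self.bits_per_step):
                if len(out) == n:
                    break
                out.append((chunk >> i) & 1)
        return out

    def to_bytes(self, n: int) -> bytes:
        """Pack 8*n output bits into n bytes, most-significant bit first."""
        bitlist = self.bits(8 * n)
        return bytes(int("".join(str(b) for b in bitlist[i:i + 8]), 2)
                     for i in range(0, 8 * n, 8))


def make_generator(modulus_bits: int = 1024) -> BlumBlumShub:
    """Fresh generator with random Blum primes and a random coprime seed (sizes are assumptions)."""
    half = modulus_bits // 2
    p = random_blum_prime(half)
    q = random_blum_prime(half)
    while q == p:
        q = random_blum_prime(half)
    M = p * q
    seed = secrets.randbelow(M - 3) + 2
    while math.gcd(seed, M) != 1:
        seed = secrets.randbelow(M - 3) + 2
    return BlumBlumShub(p, q, seed)


if __name__ == "__main__":
    # Constructed toy instance for a hand-checkable trace: M = 11 * 23 = 253, seed 3.
    toy = BlumBlumShub(11, 23, 3)
    print(toy.bits(10))            # [1, 0, 0, 1, 0, 1, 0, 0, 0, 0]
    print(make_generator(512).to_bytes(16).hex())
```

The toy modulus exists only so the state sequence (9, 81, 236, 36, 31, 202, 71, ...) can be checked by hand; a real deployment needs a modulus of at least RSA size, which is exactly where the cost per bit becomes prohibitive compared with a block or stream cipher in counter mode.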