Re: random numbers API

Le 16/11/2012 17:35, Florian Bösch a écrit :
> On Fri, Nov 16, 2012 at 5:20 PM, David Bruant <bruant.d@gmail.com 
> <mailto:bruant.d@gmail.com>> wrote:
>
>     That'd be a nonsense to add seeding in my opinion. If you want
>     security, you don't want to take the risk of people seeding and
>     loose all security property. If it's for debugging purposes, the
>     seeding should be part of a devtool, not of the web-facing API.
>
> I agree that in the crypographic context seeding might not make sense 
> (or even guarantees about repeatability).
>
> The purpose of the proposal of a fast, reliable, statistically sound, 
> repeatable, seedable PRNG in JS however is not to do cryptography. It 
> would be to be able to perform procedural computation repeatably 
> regardless of machine, VM, optimization and vendor differences. An 
> example: Say you wanted to do a procedural universe consisting of 1 
> million stars. At 3 cartesian coordinates per star and at each 
> component having 8 bytes, you'd get 22MB of data. If you want to share 
> this galaxy with anybody you'll have to pass them this 22mb blob. If 
> you want multiple people in the same galaxy, you have to pass them 
> that blob.
If you want repeatable, you actually don't want random (as your title 
suggests) but PRNG very specifically ("pseudo" being themost important 
part). In that case, I feel writing your own PRNG will be almost as fast 
as a native one with nowadays crazy JIT. Just write an algorithm that 
you're satisfied and pass around the algo and any parametrization you 
want. I feel it would solve your use case.

> It takes about 0.7 seconds in C to generate 3 million statistically 
> sound random numbers for longs.
Do you have measurements of how much the same algo takes in JS?

David

Received on Friday, 16 November 2012 17:03:05 UTC