[whatwg] Cryptographically strong random numbers from Roger Hågensen on 2011-02-05 (public-whatwg-archive@w3.org from February 2011)

From: Roger Hågensen <rescator@emsai.net>
Date: Sat, 05 Feb 2011 07:55:04 +0100
Message-ID: <4D4CF448.7030109@emsai.net>

On 2011-02-05 04:39, Boris Zbarsky wrote:
> On 2/4/11 7:42 PM, Adam Barth wrote:
>> interface Crypto {
>>    Float32Array getRandomFloat32Array(in long length);
>>    Uint8Array getRandomUint8Array(in long length);
>> };
>
> The Uint8Array version is good; let's do that.
>
> For the other, what does it mean to return a random 32-bit float?  Is 
> NaN allowed?  Different NaNs?  -0?  Infinity or -Infinity?  Subnormal 
> values?
>
> Looking at the webkit impl you linked to and my somewhat-old webkit 
> checkout, it looks like the proposed impl returns something in the 
> range [0, 1), right?  (Though if so, I'm not sure why the &0xFF bit is 
> needed in integer implementation.)  It also returns something that's 
> not uniformly distributed in that range, at least on Mac and sometimes 
> on Windows (in the sense that there are intervals inside [0, 1) that 
> have 0 probability of having a number inside that interval returned).
>
> In general, I suspect creating a good definition for the float version 
> of this API may be hard.

Not really, usually it is a number from 0.0 to 1.0, which would map to 
say the same as 0 to whatever max 64bit is.
Depending on the implementation, the simplest is just to do 
(pseudocode)   float=Random(0,$FFFFFFFFFFFFFFFF)/$FFFFFFFFFFFFFFFF
A Float64Array getRandomFloat64Array() would also be interesting.
In fact the 32bit and 64bit and uint8 could all be generated from the 
same random data source, just presented differently, uint8 would be the 
"raw"'est though,
and 32bit float is pretty much just truncation of a 64bit float.
But with either float there would never be NaN -0 or Infinity or 
-Infinity. Only the range 0.0 to 1.0 must be returned.
And yes, float issues of rounding and "almost correct but not quite" 
will also be an issue here.

Float random does not make much sense in crypto. In normal random stuff 
I do see it usefull but not crypto.
Then again, look at the potential use cases out there. Does any use 
float? Or do they all use uint/raw?
If they do not use float then just do not include float at all in crypto.

Right now I can only see random floats being of use in 
audio/video/graphics/games/input/output/etc. But not in crypto. (the 
only "key" and "nonce" data/values I've ever seen has been raw/uint or 
an integer or string. never a float)


-- 
Roger "Rescator" H?gensen.
Freelancer - http://www.EmSai.net/

Received on Friday, 4 February 2011 22:55:04 UTC