- From: Dirk-Willem van Gulik <Dirk-willem.Van.gulik@bbc.co.uk>
- Date: Sat, 5 Feb 2011 15:36:36 +0000
On 5 Feb 2011, at 00:42, Adam Barth wrote:
...
> cryptographically strong PRNG
Would it be useful to very clearly qualify this - and put a boundary around this potentially unsolvable problem ? I.e. a pseudo random generator which meeds to exceeds requirements X, Y and Z from NIST SP 800-90 or which passes critera such-and-such from NIST 800-22 ?
Just so that both the contract to the user is clear - and it is measurable ? And it is clear what it can be used for.
> Our third approach is to add a new cryptographically strong PRNG to
> window.crypto (in the spirit of crypto.random) that return floating
> point and integer random numbers:
>
> interface Crypto {
> Float32Array getRandomFloat32Array(in long length);
> Uint8Array getRandomUint8Array(in long length);
> };
A Uint8 makes perfect sense - but why the float ? What crypto uses this ? And exactly what do then the various +- infitiy/NaNs mean ?
Dw
Received on Saturday, 5 February 2011 07:36:36 UTC