- From: Dirk-Willem van Gulik <Dirk-willem.Van.gulik@bbc.co.uk>
- Date: Sat, 5 Feb 2011 15:36:36 +0000
On 5 Feb 2011, at 00:42, Adam Barth wrote: ... > cryptographically strong PRNG Would it be useful to very clearly qualify this - and put a boundary around this potentially unsolvable problem ? I.e. a pseudo random generator which meeds to exceeds requirements X, Y and Z from NIST SP 800-90 or which passes critera such-and-such from NIST 800-22 ? Just so that both the contract to the user is clear - and it is measurable ? And it is clear what it can be used for. > Our third approach is to add a new cryptographically strong PRNG to > window.crypto (in the spirit of crypto.random) that return floating > point and integer random numbers: > > interface Crypto { > Float32Array getRandomFloat32Array(in long length); > Uint8Array getRandomUint8Array(in long length); > }; A Uint8 makes perfect sense - but why the float ? What crypto uses this ? And exactly what do then the various +- infitiy/NaNs mean ? Dw
Received on Saturday, 5 February 2011 07:36:36 UTC