- From: Erik Corry <erik.corry@gmail.com>
- Date: Tue, 22 Feb 2011 23:49:47 +0100
I can find Klein's complaints that the implementation of Math.random is insecure but not his complaints about the API. Do you have a link?

It seems pretty simple to generate a random number from 1 to 2 by fixing the exponent and mixing in 52 bits of random mantissa. Subtract 1 to get an evenly distributed value from 0-1. Multiply and Math.floor or >>> to get your 8, 16, or 32 bits of randomness.

On Feb 22, 2011 11:04 PM, "Brendan Eich" <brendan at mozilla.org> wrote:
> On Feb 22, 2011, at 2:00 PM, Jorge wrote:
>
>> On 22/02/2011, at 22:36, Brendan Eich wrote:
>>> (...)
>>>
>>> However, Math.random is a source of bugs as Amit Klein has shown, and these can't all be fixed by using a better non-CS PRNG underneath Math.random and still decimating to an IEEE double in [0, 1]. The use-cases Klein explored need both a CS-PRNG and more bits, IIRC. Security experts should correct amateur-me if I'm mistaken.
>>
>> .replace( /1]/gm, '1)' ) ?
>
> Right.
>
> Reading more of Amit Klein's papers, the rounding to IEEE double also seems problematic. Again, I'm not the crypto-droid you are looking for.
>
> /be
>
Received on Tuesday, 22 February 2011 14:49:47 UTC
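
The construction described in the message above (fixed exponent, 52 random mantissa bits, subtract 1, then multiply and floor), as an added example that is not part of the original thread. The function names are hypothetical, and drawing the bits from Web Crypto's `getRandomValues` is an assumption; the message does not name a bit source.

```javascript
// Added example; names are illustrative, not from the thread.

// Build a double in [1, 2) from 52 mantissa bits, then shift it to [0, 1).
// hi20 = top 20 mantissa bits, lo32 = low 32 mantissa bits.
function unitDoubleFromMantissa(hi20, lo32) {
  const view = new DataView(new ArrayBuffer(8)); // big-endian by default
  // Sign bit 0, biased exponent 0x3FF (value 2^0), then the mantissa.
  view.setUint32(0, (0x3ff00000 | (hi20 & 0xfffff)) >>> 0);
  view.setUint32(4, lo32 >>> 0);
  // Subtracting 1 is exact here, so no mantissa bit is lost to rounding.
  return view.getFloat64(0) - 1;
}

// Assumption: bits come from a CSPRNG (browser global, or Node's webcrypto).
function randomUnitDouble() {
  const rng = globalThis.crypto ?? require('node:crypto').webcrypto;
  const words = new Uint32Array(2);
  rng.getRandomValues(words);
  return unitDoubleFromMantissa(words[0], words[1]);
}

// "Multiply and Math.floor": recover the top k mantissa bits (1 <= k <= 32).
// For k = 32, (u * 2 ** 32) >>> 0 gives the same result.
function topBits(u, k) {
  return Math.floor(u * 2 ** k);
}

// Constructed sample: mantissa 0xABCDE12345678 (52 bits).
const sample = unitDoubleFromMantissa(0xabcde, 0x12345678);
console.log(topBits(sample, 8).toString(16));   // top 8 bits
console.log(topBits(sample, 16).toString(16));  // top 16 bits
console.log(topBits(sample, 32).toString(16));  // top 32 bits
console.log(randomUnitDouble());
```

Every value produced this way is a multiple of 2^-52, so the output carries at most 52 bits per call no matter how strong the underlying generator is.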