Pseudo random

Is safe to use Kernel#rand to get pseudo-random integers?

On Sun, 2009-07-26 at 06:55 +0900, Kless wrote:

Is safe to use Kernel#rand to get pseudo-random integers?

It depends on what you need them for.

  • If you need them for something related to security or authentication,
    then no, you need a better-quality randomness source than that.

  • If you need them for a monte-carlo simulation, it might be
    acceptable.

  • If you are writing a game it’s probably okay.

-mental

Ruby uses a mersene twister for its prng. This provides a high quality
source of pseudo random numbers for noncryptographic purposes. If you
need random numbers for crypto or you need independent prng streams then
you need a different source.

Kirk H.
Sent from my Verizon Wireless BlackBerry

On 27.07.2009 09:32, Kless wrote:

and IVs.
n ||= 16

Gets 52 cards with values in range 0-255, and then they are

shuffled.
cards = (1…52).map { rand(256) }.shuffle

Finally gets ‘n’ cards from the deck, and it is encoded to ASCII.

(1…n).map { cards[rand(52)] }.pack(“C*”)
end

My pseudo randomness math is a bit rusty these days but it may be that
you do not increase randomness by using your approach as you still use
only one source of randomness. If this is the case, the same can be
achieved by doing

def bytes(n = 16)
b = “”
n.times { b << rand(256) }
b
end

or with 1.9

def bytes(n = 16)
“”.tap do |b|
n.times { b << rand(256) }
end
end

Kind regards

robert

For if this can help to somebody, I use a deck of 52 cards to get a
better randomness. Although it could be used a deck of: number to
return * 2 (or 3)


def bytes(n=nil)

The range of possible values to each card is 256 (0-255), the

maximum length to representing an ASCII character.

By default returns 16 bytes (128 bits), a common value in salts

and IVs.
n ||= 16

Gets 52 cards with values in range 0-255, and then they are

shuffled.
cards = (1…52).map { rand(256) }.shuffle

Finally gets ‘n’ cards from the deck, and it is encoded to ASCII.

(1…n).map { cards[rand(52)] }.pack(“C*”)
end