Pseudo random

[Kless]

Is safe to use Kernel#rand to get pseudo-random integers?

 

[MenTaLguY]

Is safe to use Kernel#rand to get pseudo-random integers?

It depends on what you need them for.

- If you need them for something related to security or authentication,
then no, you need a better-quality randomness source than that.

- If you need them for a monte-carlo simulation, it *might* be
acceptable.

- If you are writing a game it's probably okay.

-mental

 

[wyhaines]

Ruby uses a mersene twister for its prng. This provides a high quality source of pseudo random numbers for noncryptographic purposes. If you need random numbers for crypto or you need independent prng streams then you need a different source.

Kirk Haines
Sent from my Verizon Wireless BlackBerry

-----Original Message-----
From: Kless <[email protected]>

Date: Sun, 26 Jul 2009 06:55:12
To: ruby-talk ML<[email protected]>
Subject: Pseudo random


Is safe to use Kernel#rand to get pseudo-random integers?

 

[Kless]

For if this can help to somebody, I use a deck of 52 cards to get a
better randomness. Although it could be used a deck of: number to
return * 2 (or 3)

-----------------------
def bytes(n=nil)
# The range of possible values to each card is 256 (0-255), the
# maximum length to representing an ASCII character.

# By default returns 16 bytes (128 bits), a common value in salts
and IVs.
n ||= 16

# Gets 52 cards with values in range 0-255, and then they are
shuffled.
cards = (1..52).map { rand(256) }.shuffle

# Finally gets 'n' cards from the deck, and it is encoded to ASCII.
(1..n).map { cards[rand(52)] }.pack("C*")
end

 

[Robert Klemme]

For if this can help to somebody, I use a deck of 52 cards to get a
better randomness. Although it could be used a deck of: number to
return * 2 (or 3)

-----------------------
def bytes(n=nil)
# The range of possible values to each card is 256 (0-255), the
# maximum length to representing an ASCII character.

# By default returns 16 bytes (128 bits), a common value in salts
and IVs.
n ||= 16

# Gets 52 cards with values in range 0-255, and then they are
shuffled.
cards = (1..52).map { rand(256) }.shuffle

# Finally gets 'n' cards from the deck, and it is encoded to ASCII.
(1..n).map { cards[rand(52)] }.pack("C*")
end
-----------------------

My pseudo randomness math is a bit rusty these days but it may be that
you do not increase randomness by using your approach as you still use
only one source of randomness. If this is the case, the same can be
achieved by doing

def bytes(n = 16)
b = ""
n.times { b << rand(256) }
b
end

or with 1.9

def bytes(n = 16)
"".tap do |b|
n.times { b << rand(256) }
end
end

Kind regards

robert