[fpc-pascal] quality of FPC random
Jonas Maebe
jonas.maebe at elis.ugent.be
Fri Aug 14 16:41:03 CEST 2015
Xiangrong Fang wrote on Fri, 14 Aug 2015:
> 2015-08-14 21:47 GMT+08:00 Jonas Maebe <jonas.maebe at elis.ugent.be>:
>
>> No PRNG is suited for that purpose, because every PRNG is by definition
>> predictable and you need unpredictable numbers for IVs.
>
> Well, practically, how can I get totally unpredictable numbers?
By using /dev/urandom
> Without introduce hardware source like a dongle or other devices (which is
> not acceptable for my purpose), I suppose good quality PRNGs are the only
> thing that I can use?
No, you cannot use PRNGs for this purpose at all.
> Also, why FPC random number are not comparable to /dev/urandom? Despite
> the difference in their quality and speed (if any), what's the difference
> between them? especially, what are the typical use cases of these 2 PRNGs
> when they are designed?
/dev/urandom is not a PRNG. It returns "real" random numbers and its
use case is for security-sensitive purposes (how reliable it is at
generating true random data, is a completely separate issue). The use
case for a PRNG like FPC's is in games, simulations and the like.
Again: all PRNG's are of the absolutely worst possible quality when
the goal is security, because no matter how good they are at bit
swizzling and regardless of how large their state is, they are 100%
predictable.
Jonas
More information about the fpc-pascal
mailing list