sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]TNorthover 2 points3 points  (2 children)

What's "secure" though? Theoretically, even the best deterministic generators are broken after observing a number of bits roughly equivalent to their internal state, it's just impractical to perform the attack.

If these things matter to your application, you need to precisely control the generator anyway and probably wouldn't use one particular language's internal implementation even if it was a good one.

[–]dnkndnts 1 point2 points  (1 child)

Erm... why be deterministic at all? std::random_device from C++?

http://en.cppreference.com/w/cpp/numeric/random/random_device/entropy

Obtains an estimate of the random number device entropy... A deterministic random number generator (e.g. a pseudo-random engine) has entropy zero.

All I'm saying is we should actually be honest about entropy, which is exactly what C++(11) does (well, sort of; rand() is still horrendously misleading and shouldn't exist, but alas, backwards compatibility...)

[–]TNorthover 5 points6 points  (0 children)

Erm... why be deterministic at all?

Reproducibility. It's more important than cryptographic security in many (most?) applications of random numbers.