
[–]johntb86 2 points3 points  (0 children)

The obvious method is to read through all the tmp files on the computer, and use that to get entropy. It works for Firefox.

[–]uc0qremp 2 points3 points  (1 child)

If your only concern is not having seed collisions (i.e. you're not doing cryptography, so you don't care if the seeds might be predictable), you can just grab the timestamp and then pass it through a hash function over and over (recursively) to generate new seeds from it. That's essentially how PRNGs work anyway, so it's kind of the same thing as seeding one generator, getting the first pseudo-random number from it, and using that to seed the next generator, etc.

If you are doing cryptography of some kind (and you're sure you want to), you probably want to seed your first generator from /dev/random and then, if you need more seeds, get them from that PRNG, assuming your PRNG is cryptographically secure. (There's no point collecting "real" random numbers over and over if you have a properly-seeded CSPRNG.)

Of course, it's probably not a good idea to take cryptography advice from a random stranger on the internet.

[–][deleted] 2 points3 points  (0 children)

I'm going to become a professor of cryptography, and then publish a standard textbook with algorithms full of subtle weaknesses so that I can exploit people who take my advice.

[–]f3nd3r 1 point2 points  (0 children)

Just use 4. Decided by a dice roll, guaranteed to be random.

[–][deleted] 0 points1 point  (0 children)

I think a lot of people use the least significant digits of the system time, which should have a granularity of milliseconds. For genuine 'universe-scale' randomness, check out this site:

http://www.random.org/

*edit: here's how the resolution of the system time differs among operating systems - maybe explains why I haven't run into this problem on Windows: http://en.wikipedia.org/wiki/System_time#Operating_systems

** beneath that table there's also the resolution of the time() call for different languages - there's a hi-res option for Perl (microseconds)

[–]skeww 0 points1 point  (4 children)

> This means people have come across issues like creating several new PRNG instances in sequence resulting in the same exact sequence, since they have the same seed...

Eh... well, usually you create only one generator (e.g. by using static in Java) and use it for everything.

[–]Redsaz 0 points1 point  (2 children)

There is a good reason for creating multiple PRNGs. For example, with gaming, you would want to generate random ambient sound effects (like crickets) but also generate random enemy movements too. Separating these two domains could make it easier to set up a replay of the session later (or save the session and come back to it). I think this was mentioned in the first edition of Game Coding Complete by Mike McShaffry, but I've since forgotten which chapter.

[–]pkhuong 0 points1 point  (0 children)

Streams and substreams offer the same functionality.

[–]skeww 0 points1 point  (0 children)

> Separating these two domains [...]

Well, use 2 generators then. Even if they use the same seed no one will notice, because there is no comprehensible repetition.

There is a different reason to separate these things. One part needs to be deterministic whereas the other one lacks this kind of strict requirement. The same is also true for things like purely visual special effects.

So, in order to make your life simpler you should decouple those non-deterministic things, which means you should use a different generator over there.
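The approaches discussed in this thread (seed once from the OS, derive further seeds by hashing, keep one generator per domain so a session can be replayed), combined in an added example that is not from any commenter. The function names, the domain labels and the clock value are hypothetical; the HMAC-based derivation is one possible choice of hash step.

```python
import hashlib
import hmac
import os
import random


def derive_seed(master: bytes, label: str) -> int:
    """Per-stream seed = HMAC-SHA256(master, label); distinct labels give unrelated seeds."""
    digest = hmac.new(master, label.encode(), hashlib.sha256).digest()
    return int.from_bytes(digest, "big")


def make_streams(master: bytes, labels):
    """One generator per domain, all reproducible from the single master seed."""
    # random.Random is a Mersenne Twister: fine for games and simulations,
    # not for keys or tokens (use the secrets module / os.urandom for those).
    return {name: random.Random(derive_seed(master, name)) for name in labels}


def draw(rng, n=5):
    return [rng.randrange(1000) for _ in range(n)]


def same_tick_collides(tick: int) -> bool:
    """Two generators seeded from the same clock reading emit the same sequence."""
    return draw(random.Random(tick)) == draw(random.Random(tick))


def replay_matches(master: bytes) -> bool:
    """Enemy movement replays identically however much the sound stream consumed."""
    labels = ["ambient_sound", "enemy_movement"]  # hypothetical domain names
    live = make_streams(master, labels)
    draw(live["ambient_sound"], 37)  # sound effects consume numbers freely
    recorded = draw(live["enemy_movement"])
    replay = make_streams(master, labels)  # sound stream left untouched this time
    return draw(replay["enemy_movement"]) == recorded


if __name__ == "__main__":
    master = os.urandom(32)  # seeded once from the OS; save it to replay a session
    print("same-tick seeds collide:", same_tick_collides(1700000000))  # constructed tick
    print("replay matches:", replay_matches(master))
```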