<div dir="ltr">(Hey Rob, long time no Smalltalk!)<div><br></div><div>I suggest some changes we did in Cuis. First, for Park-Miller you can do a small change to #initialize, insert a hashMultiply somewhere when initializing the seed. I did experiments in Cuis, drawing histograms to see if it looks like a uniform distribution, and ended up doing something like</div><div> seed _ (Time millisecondClockValue + self identityHash) hashMultiply \\ m<br><div><br></div></div><div>Another issue with Random that we addressed in Cuis is related to the bit size of each output. Random>>nextValue returns Floats with 31 random bits (or 30). It doesn't return a uniformly distributed Float between 0 and 1 (some Float values don't have a chance to be output). Similarly, Random>>nextInt: n will not really return an integer between 1 and n if n is large enough, for example (1 << 64) atRandom returns always odd integers (not very random uh).</div><div><br></div><div>So I suggest thinking of Random as a generator of random "bits" or "blocks of bits", and to generate a Float it should actually build it from 52 randomly generated bits (to fill out the mantissa), and nextInt: n should also be implemented from random bits (or chunks of bits).</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 18, 2016 at 11:25 PM, Robert Withers <span dir="ltr"><<a href="mailto:robert.w.withers@gmail.com" target="_blank">robert.w.withers@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
Thanks for cc-ing me. I don't have much exposure to random, so I am
cc-ing the Cryptography list, in hopes they might help. This doesn't
seem very random, you're right. Here were Peter's questions:<br>
<br>
<blockquote>
<div>My questions:</div>
<div>1) do we really want to have global fixed seed?</div>
<div>2) Random new should actually setup a usable seed so I don't
need to first run it N times before I can use the value</div>
<div>3) Should we switch to what UUIDGenerator is using… reading
/dev/urandom for the initial seed setup?</div>
</blockquote>
<div>Rob<br>
</div>
<br>
<br>
<div>On 05/18/2016 07:05 PM, Peter Uhnák
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>
<div>Hi,<br>
</div>
</div>
<div><br>
</div>
<div>(cc-ing Robert Withers as he seems to be working with
cryptography and security... as this seems related and may
have some implications, but I am likely wrong about the
implications)<br>
</div>
<div><br>
</div>
<div>yesterday I've encountered a very surprising behavior</div>
<div><br>
</div>
<div>I executed the same script `10 atRandom` on the same image
without saving it and got the same output:</div>
<div><br>
</div>
<div>
<div>while true; do</div>
<div> pharo-vm --nodisplay latest.image
--no-default-preferences eval '10 atRandom'</div>
<div>done</div>
<div>10</div>
<div>10</div>
<div>10</div>
<div>10</div>
<div>10</div>
<div>10</div>
</div>
<div><br>
</div>
<div>Not so random… not random at all.</div>
<div><br>
</div>
<div>Apparently the default random generator uses SharedRandom
pool, that is initialized only once… so every time you start
an image you get the EXACT same random seed... I think this is
stupid, and I am not sure what are the security implications
of this (e.g. when opening an SSL connection… having fixed
world-wide initial seed seems like an awful, awful idea), but
whatever…</div>
<div><br>
</div>
<div>So instead I tried to explicitly specify the Random
generator… which I can do</div>
<div><br>
</div>
<div>
<div>while true; do</div>
<div> pharo-vm --nodisplay latest.image
--no-default-preferences eval '10 atRandom: Random new'</div>
<div>done</div>
<div>5</div>
<div>5</div>
<div>5</div>
<div>5</div>
<div>5</div>
</div>
<div><br>
</div>
<div>Still not random… what?</div>
<div><br>
</div>
<div>
<div>while true; do</div>
<div> pharo-vm --nodisplay latest.image
--no-default-preferences eval 'Random new instVarNamed:
#seed'</div>
<div>done</div>
<div>426306047</div>
<div>426305545</div>
<div>426305546</div>
<div>426306010</div>
</div>
<div><br>
</div>
<div>So the seed is different but thanks to the magic of masking
the seed, I always get the same first several bits… thus the
same result for small numbers.</div>
<div><br>
</div>
<div>So if I actually want what seems like a random value… I
have to at least once run the generator…</div>
<div><br>
</div>
<div>
<div>while true; do</div>
<div> pharo-vm --nodisplay latest.image
--no-default-preferences eval '10 atRandom: (Random new
next; yourself)'</div>
<div>done</div>
<div>7</div>
<div>3</div>
<div>4</div>
<div>9</div>
<div>6</div>
<div>7</div>
</div>
<div><br>
</div>
<div>Once I start to use it the properties of the algo kick in
so it's pseudo-random… but I need to run it once to initialize
it, which is wtf.</div>
<div><br>
</div>
<div>My questions:</div>
<div>1) do we really want to have global fixed seed?</div>
<div>2) Random new should actually setup a usable seed so I
don't need to first run it N times before I can use the value</div>
<div>3) Should we switch to what UUIDGenerator is using… reading
/dev/urandom for the initial seed setup?</div>
<div><br>
</div>
<div>Peter</div>
</div>
</blockquote>
<br>
</div>
<br>_______________________________________________<br>
Cryptography mailing list<br>
<a href="mailto:Cryptography@lists.squeakfoundation.org">Cryptography@lists.squeakfoundation.org</a><br>
<a href="http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography" rel="noreferrer" target="_blank">http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography</a><br>
<br></blockquote></div><br></div>
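<div>The thread above describes two problems with a Park-Miller based Random (clock seeds a few milliseconds apart giving the same first small integer, and large integers scaled from a Float coming out always odd) together with the Cuis fixes. The following is an added example in Python, not code from the thread, Pharo or Cuis: it models that generator so both effects and both fixes can be reproduced. Assumed: the generator takes one Park-Miller step before its first output, <code>hash_multiply</code> stands in for Smalltalk's <code>hashMultiply</code> (multiply by 1664525, keep 28 bits), and the four seeds are the ones Peter printed.</div>

```python
# Added example (not from the thread, Pharo or Cuis): Python model of the Park-Miller
# generator behind Squeak-family Random, showing the issues above and Juan's fixes.
A, M = 16807, 2**31 - 1                    # Park-Miller multiplier and modulus
THREAD_SEEDS = [426306047, 426305545, 426305546, 426306010]  # seeds Peter printed
def hash_multiply(x):
    # Assumed stand-in for Smalltalk's hashMultiply: multiply by 1664525, keep 28 bits.
    return (x * 1664525) & 0x0FFFFFFF

class ParkMiller:
    def __init__(self, seed, mix=False):
        # mix=True models the Cuis change: scramble the clock-derived seed before use.
        self.seed = (hash_multiply(seed) if mix else seed) % M or 1  # 0 is a fixed point
    def next_float(self):
        # Original scheme: one LCG step, then seed / m as a Float (at most 31 random bits).
        self.seed = (A * self.seed) % M
        return self.seed / M
    def next_int_float_based(self, n):
        # (self next * n) truncated + 1: for huge n the Float's 53-bit precision shows.
        return int(self.next_float() * n) + 1
    def random_bits(self, k):
        # Proposed scheme: concatenate 31-bit outputs and keep the top k bits.
        value, got = 0, 0
        while got < k:
            self.seed = (A * self.seed) % M
            value, got = (value << 31) | self.seed, got + 31
        return value >> (got - k)
    def next_int_bits_based(self, n):
        # Rejection sampling over the smallest width covering n; no Float in the path.
        k = (n - 1).bit_length()
        while True:
            v = self.random_bits(k)
            if v < n:
                return v + 1
    def next_float_bits_based(self):
        # Fill the full 53-bit significand instead of scaling one 31-bit value.
        return self.random_bits(53) / 2.0**53

def first_draws(seeds, n, mix):
    # First 'n atRandom' from a fresh generator per seed (clock seeds a few ms apart).
    return [ParkMiller(s, mix).next_int_float_based(n) for s in seeds]
def parity_of_huge_draw(seed, bits_based):
    # Parity of '(1 << 64) atRandom' from a fresh generator: 1 means odd.
    g = ParkMiller(seed)
    return (g.next_int_bits_based if bits_based else g.next_int_float_based)(1 << 64) % 2

if __name__ == "__main__":
    print(first_draws(THREAD_SEEDS, 10, False))  # [5, 5, 5, 5]: Peter's observation
    print(first_draws(THREAD_SEEDS, 10, True))   # same seeds after hashMultiply mixing
    print([parity_of_huge_draw(s, False) for s in THREAD_SEEDS])  # [1, 1, 1, 1]: always odd
    print(parity_of_huge_draw(1, True))           # 0: a bits-based draw can be even
```

The parity check shows why scaling a Float by 2^64 yields odd integers: whenever the Float is at least 2^-11 the product is a multiple of 2^11, so truncating and adding 1 is always odd, whereas an integer assembled directly from 64 random bits has no such pattern.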