An associate of mine has previously run into problems with utilizing underlying platform random number generation for encryption and security and had come across a site that plotted noise spheres for various RNG's. Unfortunately, the site is no longer accessible. He ended up going with the attached 'C' code for RNG, for use in the algorithms. When asked for a pointer to the www site, he said:
The site in question is no longer up. What it did was plot the "noise sphere" of the output of numerous RNG's from different OS's to give a measure of how good any encryption would be. Noise spheres of higher dimensions are used to rate high-order correlations between samples in sequences. I would suggest doing a search on "noise sphere". (if I recall correctly, either the 'mathworks' site and/or the 'wolfram' (mathematica) site(s) have a good discussion on the use of "noise spheres".)
The DDJ mag (Doctor Dobb's Journal) site also used to have a good discussion on the difficulty of artificially generated randomness as well.
Windows 98/ME/NT4 did rate as among the poorest RNGs; Windows 2000 was much improved and Windows XP rates as equivalent to many UNIX's. In any case, the MAC (OS7 and later) and Linux (2.4 kernel) rated as among the best.
<snip>
We ended up using a RNG we found in the 95-03 version of 'snippets'. I have included them here.
Perhaps this information may help with the RNG considerations.
Ken
-----Original Message----- From: squeakfoundation-admin@lists.squeakfoundation.org [mailto:squeakfoundation-admin@lists.squeakfoundation.org]On Behalf Of Tim Rowledge Sent: December 3, 2002 4:28 PM To: squeakfoundation@lists.squeakfoundation.org Subject: Re: [Squeakfoundation]Two fixes I would like!
John M McIntosh johnmci@smalltalkconsulting.com is claimed by the authorities to have written:
One of the issues is that on the mac the millisecond clock starts from zero at application start time, so this code
Possible simple improvement; add a prim to return a seed. Each platform can do whatever it can plausibly do (sounds like some OSs have some sort of facility for random) and returns a number. Is a SmallInt good enough or should we allow LPIs?
If the prim fails then we fall back to the current case and nobody is any worse off.
tim
Tim Rowledge, tim@sumeru.stanford.edu, http://sumeru.stanford.edu/tim Strange OpCodes: SDS: Sort of Do Something
Squeakfoundation mailing list Squeakfoundation@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeakfoundation
Ken G. Brown kbrown@tnc.ab.ca said:
An associate of mine has previously run into problems with utilizing underlying platform random number generation for encryption and security and had come across a site that plotted noise spheres for various RNG's. Unfortunately, the site is no longer accessible. He ended up going with the attached 'C' code for RNG, for use in the algorithms.
Please, all - we're discussing here whether to include a quick fix for a simple problem - the UUID's repeated b/c the randomizing stuff wasn't working correctly. I think that the discussions on how and whether to generally fix/implement (P)RNG in Squeak belong on the Squeak-dev list.
squeakfoundation@lists.squeakfoundation.org