[whatwg] Cryptographically strong random numbers
Boris Zbarsky
bzbarsky at MIT.EDU
Fri Feb 4 19:39:39 PST 2011
On 2/4/11 7:42 PM, Adam Barth wrote:
> interface Crypto {
> Float32Array getRandomFloat32Array(in long length);
> Uint8Array getRandomUint8Array(in long length);
> };
The Uint8Array version is good; let's do that.
For the other, what does it mean to return a random 32-bit float? Is
NaN allowed? Different NaNs? -0? Infinity or -Infinity? Subnormal
values?
Looking at the webkit impl you linked to and my somewhat-old webkit
checkout, it looks like the proposed impl returns something in the range
[0, 1), right? (Though if so, I'm not sure why the &0xFF bit is needed
in integer implementation.) It also returns something that's not
uniformly distributed in that range, at least on Mac and sometimes on
Windows (in the sense that there are intervals inside [0, 1) that have 0
probability of having a number inside that interval returned).
In general, I suspect creating a good definition for the float version
of this API may be hard.
One other thing that perhaps needs to be defined is seeding. In
particular, just because you have a cryptographically strong PRNG
doesn't mean that you can't always seed it with 0 on pageload or
something dumb like that. Should we require that the seed be truly
random or some such? Or at least not fixed? Should web pages be able
to reseed this generator (at least for the web page in question;
obviously not for others)?
-Boris
More information about the whatwg
mailing list