[whatwg] Cryptographically strong random numbers

Boris Zbarsky bzbarsky at MIT.EDU
Fri Feb 4 19:39:39 PST 2011


On 2/4/11 7:42 PM, Adam Barth wrote:
> interface Crypto {
>    Float32Array getRandomFloat32Array(in long length);
>    Uint8Array getRandomUint8Array(in long length);
> };

The Uint8Array version is good; let's do that.

For the other, what does it mean to return a random 32-bit float?  Is 
NaN allowed?  Different NaNs?  -0?  Infinity or -Infinity?  Subnormal 
values?

Looking at the webkit impl you linked to and my somewhat-old webkit 
checkout, it looks like the proposed impl returns something in the range 
[0, 1), right?  (Though if so, I'm not sure why the &0xFF bit is needed 
in integer implementation.)  It also returns something that's not 
uniformly distributed in that range, at least on Mac and sometimes on 
Windows (in the sense that there are intervals inside [0, 1) that have 0 
probability of having a number inside that interval returned).

In general, I suspect creating a good definition for the float version 
of this API may be hard.

One other thing that perhaps needs to be defined is seeding.  In 
particular, just because you have a cryptographically strong PRNG 
doesn't mean that you can't always seed it with 0 on pageload or 
something dumb like that.  Should we require that the seed be truly 
random or some such?  Or at least not fixed?  Should web pages be able 
to reseed this generator (at least for the web page in question; 
obviously not for others)?

-Boris



More information about the whatwg mailing list