[whatwg] Cryptographically strong random numbers
Dirk-Willem van Gulik
Dirk-willem.Van.gulik at bbc.co.uk
Sat Feb 5 07:36:36 PST 2011
On 5 Feb 2011, at 00:42, Adam Barth wrote:
...
> cryptographically strong PRNG
Would it be useful to very clearly qualify this - and put a boundary around this potentially unsolvable problem ? I.e. a pseudo random generator which meeds to exceeds requirements X, Y and Z from NIST SP 800-90 or which passes critera such-and-such from NIST 800-22 ?
Just so that both the contract to the user is clear - and it is measurable ? And it is clear what it can be used for.
> Our third approach is to add a new cryptographically strong PRNG to
> window.crypto (in the spirit of crypto.random) that return floating
> point and integer random numbers:
>
> interface Crypto {
> Float32Array getRandomFloat32Array(in long length);
> Uint8Array getRandomUint8Array(in long length);
> };
A Uint8 makes perfect sense - but why the float ? What crypto uses this ? And exactly what do then the various +- infitiy/NaNs mean ?
Dw
More information about the whatwg
mailing list