[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: new PRNG's
- From: KHMan <keinhong@...>
- Date: Sat, 5 May 2018 15:23:09 +0800
On 5/5/2018 12:08 PM, Albert Chan wrote:
Reading Vigna latest xoshiro paper (section 11, conclusion),
next version of Lua will use xoshiro256** for math.random.
Is it true ?
Lua 5.4 ?
IMHO, math.random is similar in purpose to C standard library's
random function. It's pseudo-random, that's about it. It does not
promise any quality specifications.
Are there serious flaws that disqualifies the current
implementation from this purpose?
Is there a requirement for cryptographic-quality randomness? Is
that a good idea? For what applications? If for crypto/security,
is it normal for a base programming language library to embrace
such capabilities? Shouldn't we use well-established libraries
instead? If we crunch crypto in pure Lua, wouldn't a timing attack
I just don't see the point of this topic going on and on and on.
Kein-Hong Man (esq.)