Subject: Re: [boost] New Boost.XInt Library, request preliminary review
From: Steven Watanabe (watanabesj_at_[hidden])
Date: 2010-03-26 19:17:50
AMDG
Chad Nelson wrote:
>> "Random Number Functions
>> The library includes a secure random number generator, primarily to
>> support the random_prime function, but a user-friendly interface is also
>> available to developers using the library."
>>
>> *Mersenne Twister is not a cryptographic PRNG*
>>
>
> Hm, you're right. I didn't realize that it could be predicted after so
> few values. I'll re-work that part to use /dev/urandom or RtlGenRandom
> directly when they're available.
>
> On systems where they're *not* available, is there a better choice of
> generator, given an (unpredictable) user-supplied seed value?
>
All the Boost.Random generators are linear and therefore insecure.
Can you just use boost::random_device instead of writing your
own wrapper?
In Christ,
Steven Watanabe
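
The predictability discussed in this thread, shown as an added example (not code from either poster or from Boost.XInt): 624 consecutive 32-bit MT19937 outputs are enough to rebuild the generator's state and reproduce everything it emits afterwards. It assumes `std::mt19937` as a stand-in for `boost::mt19937` (same MT19937 algorithm); `Mt19937Clone` and `predicted_outputs` are hypothetical names.

```cpp
// Added example (not from the thread): why MT19937 output must not feed key or prime generation.
#include <cstdint>
#include <random>
// Invert y = x ^ (x >> s): each pass fixes s more high bits.
static uint32_t undo_right(uint32_t y, int s) {
    uint32_t x = y;
    for (int i = s; i < 32; i += s) x = y ^ (x >> s);
    return x;
}
// Invert y = x ^ ((x << s) & mask): each pass fixes s more low bits.
static uint32_t undo_left(uint32_t y, int s, uint32_t mask) {
    uint32_t x = y;
    for (int i = s; i < 32; i += s) x = y ^ ((x << s) & mask);
    return x;
}
// Undo the four tempering steps in reverse order to get the raw state word.
static uint32_t untemper(uint32_t y) {
    y = undo_left(undo_right(y, 18), 15, 0xEFC60000u);
    return undo_right(undo_left(y, 7, 0x9D2C5680u), 11);
}
// Hypothetical helper: a generator rebuilt only from observed outputs.
struct Mt19937Clone {
    uint32_t mt[624]; int idx = 624;
    uint32_t next() {
        if (idx == 624) {  // the MT19937 "twist", a linear recurrence over the state
            for (int i = 0; i < 624; ++i) {
                uint32_t y = (mt[i] & 0x80000000u) | (mt[(i + 1) % 624] & 0x7FFFFFFFu);
                mt[i] = mt[(i + 397) % 624] ^ (y >> 1) ^ ((y & 1u) ? 0x9908B0DFu : 0u);
            }
            idx = 0;
        }
        uint32_t y = mt[idx++];
        y ^= y >> 11;
        y ^= (y << 7) & 0x9D2C5680u;
        y ^= (y << 15) & 0xEFC60000u;
        return y ^ (y >> 18);
    }
};
// Returns how many of the next `check` outputs the clone reproduces exactly.
unsigned predicted_outputs(uint32_t seed, unsigned skip, unsigned check) {
    std::mt19937 gen(seed);   // assumption: stands in for boost::mt19937
    gen.discard(skip);        // observation may start anywhere in the stream
    Mt19937Clone clone;
    for (int i = 0; i < 624; ++i) clone.mt[i] = untemper(static_cast<uint32_t>(gen()));
    unsigned hits = 0;
    for (unsigned i = 0; i < check; ++i) hits += (clone.next() == gen());
    return hits;
}
int main() { return predicted_outputs(42u, 1000, 1000) == 1000 ? 0 : 1; }
```

The seed is never needed, because tempering is invertible and the state update is linear. Values used for keys or primes should come from the OS-backed sources named in the thread (/dev/urandom, RtlGenRandom, or boost::random_device).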
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk