Boost logo

Boost :

Subject: Re: [boost] Boost.Uuid and header-only support
From: James E. King, III (jking_at_[hidden])
Date: 2017-11-06 13:17:59

On Sun, Nov 5, 2017 at 9:08 AM, Niall Douglas via Boost <
boost_at_[hidden]> wrote:

> > So the initialization of the mersenne twister is expensive, so if you
> > do it once and then reuse it, it is much more efficient than going to
> > Wincrypt.
> Mersenne is only fast on x86/x64. It is dog slow on every other CPU.
> Also, I hate to be pedantic, but Mersenne is not cryptographically
> secure. UUIDs ought to be generated from a crypto-strong source unless
> the end user specifically asks for otherwise.
> On Windows, that's RtlGenRandom() which is rand_s() in recent MSVC's. On
> POSIX that is /dev/urandom or /dev/random depending on the POSIX flavour.
> If you want something faster, Blake2b is crypto strong and fast on all
> modern CPUs. Just need to seed it with a random seed, and you're happy.
> Failing that, really recent CPUs can do SHA256 in hardware, but they
> have tiny market penetration currently. You can, of course, use any AES
> hardware offload also as a randomness generator, that has much wider
> support in CPUs.
> Niall

Is there an existing PRNG in Boost.Random that would be better than mersenne
to use in a "bulk" uuid generator typedef?

Boost list run by bdawes at, gregod at, cpdaniel at, john at