On Sun, 03 Mar 2013 09:58:41 +0100, "Ivan Kazmenko" <ga...@mail.ru> wrote:
> > Can anyone advise on the theoretical basis for the
> > unpredictableSeed method in std.random? I've tried googling
> > around for the theory of good thread-safe seed generation
> > methods but haven't really found anything. :-(
>
> I have to ask: what would be a good unpredictableSeed by
> definition? With the current implementation, three downsides
> come to my mind:
>
> 1. Process ID, thread ID and system tick are insecure sources of
> randomness and can provide just a few bits of randomness in
> certain situations. I don't know how to address this in a
> portable way.
>
> 2. Once we know the first seed, it is easy to predict all
> subsequent seeds. A solution would be to use a secure RNG
> instead, not just the one which gives away its state.
>
> 3. It would be a particularly bad idea to initialize MinstdRand0
> instances with consecutive unpredictableSeeds and then consider
> them independent. This is just a consequence of a particular
> choice of RNG on the previous step.
>
> So, which of these do you consider the real problems, and what
> more do you need from unpredictableSeed?
>
> -----
> Ivan Kazmenko.

Maybe it would make sense to use /dev/random where available? (The problem is that /dev/random can block. On small embedded systems without monitor/mouse/keyboard this can happen easily.)
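The two points raised above, that a seed generator which hands out the state of a small LCG is predictable from a single observed seed, and that the kernel's entropy device is a better source as long as the non-blocking one is used, can be shown side by side. The following is an added illustration written in C for the thread, not code from std.random or from either poster; the way `weak_seed_init` mixes pid, tid and tick into the LCG state is an assumption chosen for the example and does not claim to match the real unpredictableSeed.

```c
/* Added example, not from std.random or the thread. Left: a seed generator
 * built on MINSTD (the generator behind minstd_rand0), whose outputs are its
 * own state, so one captured seed reveals every later seed. Right: seeds read
 * from /dev/urandom, which on Linux never blocks, unlike /dev/random. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <stdint.h>
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>

/* Park-Miller MINSTD parameters, as used by minstd_rand0. */
#define LCG_A 16807u
#define LCG_M 2147483647u   /* 2^31 - 1 */

static uint32_t lcg_state;

/* Assumed mixing of pid/tid/tick into the LCG state (illustrative only).
 * Whatever the mixing, the input has only a few bits of real entropy. */
void weak_seed_init(uint32_t pid, uint32_t tid, uint32_t tick) {
    uint32_t s = (pid ^ (tid << 16) ^ tick) % LCG_M;
    lcg_state = s ? s : 1;        /* MINSTD state must be non-zero */
}

/* Each "unpredictable" seed is simply the next LCG output. */
uint32_t weak_seed_next(void) {
    lcg_state = (uint32_t)(((uint64_t)lcg_state * LCG_A) % LCG_M);
    return lcg_state;
}

/* The attacker's view: because the output is the full state, the seed that
 * follows an observed one costs a single multiplication modulo 2^31-1. */
uint32_t predict_next_seed(uint32_t observed) {
    return (uint32_t)(((uint64_t)observed * LCG_A) % LCG_M);
}

/* Seed from the kernel CSPRNG. /dev/urandom does not block, so it is safe on
 * the headless embedded boxes where /dev/random stalls. Returns 0 on success
 * and -1 if the device cannot be read; treat -1 as fatal rather than falling
 * back to pid/tick. */
int os_seed(uint32_t *out) {
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -1;
    unsigned char buf[4];
    size_t got = 0;
    while (got < sizeof buf) {
        ssize_t n = read(fd, buf + got, sizeof buf - got);
        if (n <= 0) { close(fd); return -1; }
        got += (size_t)n;
    }
    close(fd);
    *out = (uint32_t)buf[0] | ((uint32_t)buf[1] << 8) |
           ((uint32_t)buf[2] << 16) | ((uint32_t)buf[3] << 24);
    return 0;
}

int main(void) {
    /* Constructed inputs standing in for pid, tid and tick. */
    weak_seed_init(1234, 5678, 90210);
    uint32_t observed = weak_seed_next();
    uint32_t actual_next = weak_seed_next();
    printf("observed seed %u, attacker predicts %u, real next seed %u\n",
           observed, predict_next_seed(observed), actual_next);

    uint32_t s;
    if (os_seed(&s) != 0) {
        fputs("no OS entropy source available; refusing to seed\n", stderr);
        return 1;
    }
    printf("OS-provided seed %u\n", s);
    return 0;
}
```

`predict_next_seed` always agrees with `weak_seed_next`, which is the whole of point 2 in the quoted message; the fix is to make every seed an independent read from the OS source, never an output of a generator whose state the seed exposes.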