Just how bad is the Microsoft Visual C++ 6 rand function, anyway?
Trei, Peter
ptrei at rsasecurity.com
Tue May 21 11:52:01 EDT 2002
Now, I'm sure no one on this list would trust MSVC6 rand() for anything
important, but this post from sci crypt (which I have not cofirmed)
may be of interest:
Peter Trei
- start quote ---------------------
Newsgroups: sci.crypt, sci.crypt.random-numbers
Subject: Warning: MSVC6 rand function
Message-ID: <fu9G8.288206$tt4.19380223 at e3500-atl2.usenetserver.com>
Organization: Bellsouth.Net
Date: Mon, 20 May 2002 12:31:09 -0400
In case anyone's interested, the rand() function that ships in the C runtime
library with Microsoft Visual Studio 6.0 is a *15-bit* LC-PRNG. Not only
that, but the most significant bit, which is also the most random bit in an
LC-PRNG, is discarded by masking.
Code snippet follows:
int __cdecl rand (void)
{
return(((holdrand = holdrand * 214013L + 2531011L) >> 16) & 0x7fff);
}
- end quote ---------------------------
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list