[Cryptography] Finding Nemo's random seed

Ray Dillinger bear at sonic.net
Wed Sep 6 19:34:58 EDT 2017



On 09/06/2017 07:10 AM, Henry Baker wrote:

> Two words: functional programming.
> 
> Another two words: no sympathy.


They deserve *some* sympathy.  Everybody has learning experiences, and
learning experiences are often painful.  But if they have the same
learning experience again, they deserve no sympathy whatsoever.

There's almost always a library call that specifies a pseudo-random
stream - that the same sequence will be generated from the same input.
It is almost never guaranteed stable.  They don't specify what
generator, they don't give the parameters, and they don't give test
vectors.  In subsequent versions, in different environments, with
different sets of dll's or shared objects, they can fulfill what the
library documentation promises by giving you a *different* sequence
that's repeatable in *that* environment.

If you need stable repeatable sequences, e.g., for documents that may be
read elsewhere or later or by a different version, or even by the same
version as compiled in a different build configuration, it's just plain
dumb to rely on a library call unless they specifically promise
stability. Otherwise version-stable PRNG sequences are
application-specific, and the PRNG has to be part of the application
source code.


				Bear
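
The post's prescription, as an added example that is not part of this message or of any library: a PRNG whose recurrence, constants and expected outputs all live in application source, plus a startup self-check that catches a build whose implementation has drifted. The multiplier and increment are the well-known Numerical Recipes LCG constants; the DriftedLCG stand-in and the document-shuffle use are constructed for illustration.

```python
"""Application-owned PRNG with pinned parameters and test vectors.
Added example for this thread (not the poster's code): the generator,
its constants and its expected outputs all live in application source,
so every build and platform that carries this file yields the same stream."""
from typing import Callable, List, Sequence

MODULUS = 2**32          # pinned: these are part of the document format,
MULTIPLIER = 1664525     # not of whatever runtime happens to be installed
INCREMENT = 1013904223   # (well-known Numerical Recipes LCG constants)

# First four outputs for seed 0 under state' = (a*state + c) mod m.
# A reimplementation in any language must reproduce these exactly.
TEST_VECTORS = {0: [1013904223, 1196435762, 3519870697, 2868466484]}

class PinnedLCG:
    """Deterministic 32-bit stream. Not a CSPRNG: use it for repeatable
    layout or sampling inside a document, never for keys or nonces."""
    def __init__(self, seed: int) -> None:
        self.state = seed % MODULUS
    def next_u32(self) -> int:
        self.state = (MULTIPLIER * self.state + INCREMENT) % MODULUS
        return self.state
    def take(self, n: int) -> List[int]:
        return [self.next_u32() for _ in range(n)]

class DriftedLCG(PinnedLCG):
    """Constructed stand-in for a library update that still honours 'same
    seed, same sequence' but changed the recurrence (increment off by one)."""
    def next_u32(self) -> int:
        self.state = (MULTIPLIER * self.state + INCREMENT + 1) % MODULUS
        return self.state

def matches_vectors(make_gen: Callable[[int], PinnedLCG]) -> bool:
    """True iff the generator reproduces every pinned test vector."""
    return all(make_gen(s).take(len(v)) == v for s, v in TEST_VECTORS.items())

def self_check() -> bool:
    """Run at startup; refuse to emit documents if this build has drifted."""
    return matches_vectors(PinnedLCG)

def repeatable_shuffle(items: Sequence, seed: int) -> list:
    """Fisher-Yates driven by the pinned stream: same seed, same order on
    every reader. The modulo bias is accepted for this non-security use."""
    out, gen = list(items), PinnedLCG(seed)
    for i in range(len(out) - 1, 0, -1):
        j = gen.next_u32() % (i + 1)
        out[i], out[j] = out[j], out[i]
    return out

if __name__ == "__main__":
    print("self-check:", self_check(), "| drifted build:", matches_vectors(DriftedLCG))
```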
