Make RNG algorithm used by rand dynop pluggable

[japhb]

Parrot's current PRNG is an old-style LCG: decent speed, but relatively poor randomness characteristics. According to  http://en.wikipedia.org/wiki/Mersenne_twister at least PHP, Python, and Ruby use the more advanced (but still not cryptographically secure) Mersenne Twister in their standard libraries. Users from those languages will expect the higher-quality PRNG, so we should do at least as well -- either by switching to a free Mersenne Twister implementation, or by choosing an even more advanced algorithm instead.

[dukeleto]

There is an implementation of MT19937 in runtime/parrot/library/Math/Random/mt19937ar.pir which also ships with a .pbc .

[whiteknight]

The Mersenne twister is a good algorithm to use (and if we already have an implementation, all the better). However, It's certainly not the "best" algorithm to use and has a relatively complicated implementation. Something like MWC or CMWC would generate numbers faster and be easier to implement. Also the numbers should be of the same quality or higher.

For cryptographic applications we might want to have something like the Blum Blum Shub algorithm.

So what I am saying is, basically, that maybe we should design our randomization interface to support multiple user-selectable back-ends (with a sane default like the Mersenne Twister or CMWC).

[jkeenan]

whiteknight, dukeleto: Can we get an update on the status of this ticket?

Thanks.

kid51

[cotto]

This would be nice but is fairly low-priority. I'd accept (or provide feedback) on a patch. Since this ticket was filed, I'm not aware of any work having been done.

It also strikes me as a red herring to say that users of other languages will expect a higher quality of randomness. Users who require high-quality randomness will know to inspect the source and/or documentation to find out what PRNG is being used, if necessary implementing their own PRNG*. Users who don't need high-quality randomness will generally be happy with a PRNG that's not obviously predictable.

[*] I don't intend this to mean that such users are stuck with rolling their own as the only possibility. If they show up here, on parrot-dev or on #parrot and demonstrate that someone who needs high-quality randomness exists, this ticket will become a higher priority.