Ticket #923 (new bug)

Opened 5 years ago

Last modified 3 years ago

Make RNG algorithm used by rand dynop pluggable

Reported by: japhb
Owned by:
Priority: minor
Milestone:
Component: core
Version: 1.4.0
Severity: low
Keywords:
Cc:
Language:
Patch status:
Platform:

Description

Parrot's current PRNG is an old-style LCG: decent speed, but relatively poor randomness characteristics. According to http://en.wikipedia.org/wiki/Mersenne_twister, at least PHP, Python, and Ruby use the more advanced (but still not cryptographically secure) Mersenne Twister in their standard libraries. Users from those languages will expect the higher-quality PRNG, so we should do at least as well -- either by switching to a free Mersenne Twister implementation, or by choosing an even more advanced algorithm instead.

Change History

Changed 5 years ago by dukeleto

There is an implementation of MT19937 in runtime/parrot/library/Math/Random/mt19937ar.pir which also ships with a .pbc.

Changed 5 years ago by whiteknight

The Mersenne twister is a good algorithm to use (and if we already have an implementation, all the better). However, it's certainly not the "best" algorithm to use and has a relatively complicated implementation. Something like MWC or CMWC would generate numbers faster and be easier to implement. Also the numbers should be of the same quality or higher.

For cryptographic applications we might want to have something like the Blum Blum Shub algorithm.

So what I am saying is, basically, that maybe we should design our randomization interface to support multiple user-selectable back-ends (with a sane default like the Mersenne Twister or CMWC).
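
The user-selectable back-end design suggested in the comment above, as an added C example (not Parrot's code or API, and not written by anyone on this ticket). The names `rng_backend` and `low_bit_flips` and the generator constants are assumptions chosen for illustration; the LCG here is a generic 32-bit one, not Parrot's. It also makes one LCG weakness measurable: with a power-of-two modulus, the lowest output bit simply alternates. Neither back-end is cryptographically secure.

```c
#include <stdint.h>

/* Hypothetical back-end interface; these names are not Parrot's API. */
typedef struct {
    const char *name;
    void     (*seed)(void *state, uint32_t seed);
    uint32_t (*next)(void *state);
} rng_backend;

/* Back-end 1: LCG modulo 2^32 (Numerical Recipes constants, an assumption). */
typedef struct { uint32_t x; } lcg_state;
static void lcg_seed(void *s, uint32_t seed) { ((lcg_state *)s)->x = seed; }
static uint32_t lcg_next(void *s) {
    lcg_state *st = s;
    st->x = st->x * 1664525u + 1013904223u;   /* wraps modulo 2^32 */
    return st->x;
}

/* Back-end 2: two 16-bit multiply-with-carry generators, concatenated
   (the MWC component of Marsaglia's KISS99). */
typedef struct { uint32_t z, w; } mwc_state;
static void mwc_seed(void *s, uint32_t seed) {
    mwc_state *st = s;
    st->z = seed ? seed : 362436069u;   /* avoid the all-zero fixed point */
    st->w = 521288629u;
}
static uint32_t mwc_next(void *s) {
    mwc_state *st = s;
    st->z = 36969u * (st->z & 65535u) + (st->z >> 16);
    st->w = 18000u * (st->w & 65535u) + (st->w >> 16);
    return (st->z << 16) + st->w;
}

/* Callers select a generator by passing one of these descriptors. */
const rng_backend RNG_LCG = { "lcg", lcg_seed, lcg_next };
const rng_backend RNG_MWC = { "mwc", mwc_seed, mwc_next };

/* Count how often bit 0 flips between consecutive outputs, over n pairs.
   An LCG mod 2^32 with odd multiplier and odd increment flips every time. */
unsigned low_bit_flips(const rng_backend *be, void *state, uint32_t seed, unsigned n) {
    unsigned flips = 0;
    be->seed(state, seed);
    uint32_t prev = be->next(state);
    for (unsigned i = 0; i < n; i++) {
        uint32_t cur = be->next(state);
        flips += (prev ^ cur) & 1u;
        prev = cur;
    }
    return flips;
}
```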

Changed 5 years ago by dukeleto

  • summary changed from Replace PRNG algorithm used by rand dynop to Make RNG algorithm used by rand dynop pluggable

Changed 3 years ago by jkeenan

whiteknight, dukeleto: Can we get an update on the status of this ticket?

Thanks.

kid51

Changed 3 years ago by cotto

  • priority changed from normal to minor
  • severity changed from medium to low

This would be nice but is fairly low-priority. I'd accept (or provide feedback) on a patch. Since this ticket was filed, I'm not aware of any work having been done.

It also strikes me as a red herring to say that users of other languages will expect a higher quality of randomness. Users who require high-quality randomness will know to inspect the source and/or documentation to find out what PRNG is being used, if necessary implementing their own PRNG*. Users who don't need high-quality randomness will generally be happy with a PRNG that's not obviously predictable.

[*] I don't intend this to mean that such users are stuck with rolling their own as the only possibility. If they show up here, on parrot-dev or on #parrot and demonstrate that someone who needs high-quality randomness exists, this ticket will become a higher priority.
