On 2021-05-29, John Stockton <dr.j.r.stockton@gmail.com> wrote:

That link says "The Crypto.getRandomValues() method lets you get cryptographically strong random values.". That sentence implies that
random values exist which are not cryptographically strong, and so are
not given. Therefore, the method does not give values in the range
randomly. It may suit Jonas; but it does not provide full randomness,
and is badly named.

This paragraph is so confused it's difficult to know where to start.
It seems like you think that some numbers are more random than others
and getRandomValues() avoids returning the "less random" numbers.

"Cryptographically-strong random number generators" are a subset of
"random number generators" (for example, excluding those methods that
produce low-quality randomness) so your statement above is like saying
"Fido is not a mammal because he is a dog".

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Monday, 24 May 2021 at 18:22:22 UTC+1, Michael Haufe (TNO) wrote:

On Sunday, May 23, 2021 at 10:57:14 AM UTC-5, John Stockton wrote:

On Thursday, 29 April 2021 at 19:24:49 UTC+1, Arno Welzel wrote:

Jonas Thörnvall:

[snip]

Why not just this:

<https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Math/random>

Quite a lot bad, as I recall.

See http://web.archive.org/web/20150510110440/http://www.merlyn.demon.co.uk/js-randm.htm
which links to http://web.archive.org/web/20180611034551/https://github.com/nquinlan/better-random-numbers-for-javascript-mirror .
See also http://www.jibbering.com/faq/index.html#randomNumber
and see what https://en.wikipedia.org/wiki/Random_number says and cites.

According to http://web.archive.org/web/20130127232731/http://www.merlyn.demon.co.uk/quotings.htm -
https://en.wikipedia.org/wiki/Donald_Knuth wrote/said
"Random numbers should not be generated with a method chosen at random".

If you want better random numbers use the following:

<https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues>

That link says "The Crypto.getRandomValues() method lets you get cryptographically strong random values.". That sentence implies that random values exist which are not cryptographically strong, and so are not given. Therefore, the method does not give
values in the range randomly. It may suit Jonas; but it does not provide full randomness, and is badly named.

Theorem : Any group producing things and giving them new names needs to include a hard-core PEDANT who is experienced not only in things of that nature but also in all languages, natural and artificial, which may be significantly involved. // Remember
the story (probably true) of the luxury English car which sold unexpectedly badly in Germany - because its name included Rot13("Zvfg").

I would prefer to trust random code such as by Johannes Baagøe and associates/rivals; see for example his "Math.random" and the following discussion - https://groups.google.com/g/comp.lang.javascript/c/u8oCu7eNvUI/m/775xVCV_aAsJ?pli=1 (CLJ, Jun 2009).

AFAIR, those are better than https://en.wikipedia.org/wiki/Lehmer_random_number_generator ; but the latter or its modifications should I think usually suffice for non-crypto work.


--
(c) John Stockton, near London, UK. Using Google Groups. |
Mail: J.R.""""""""@physics.org - or as Reply-To, if any. |

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)