Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:118844 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 58414 invoked from network); 18 Oct 2022 18:14:20 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 18 Oct 2022 18:14:20 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 16F431804F8 for ; Tue, 18 Oct 2022 11:14:19 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-vs1-f48.google.com (mail-vs1-f48.google.com [209.85.217.48]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Tue, 18 Oct 2022 11:14:18 -0700 (PDT) Received: by mail-vs1-f48.google.com with SMTP id h29so15562604vsq.9 for ; Tue, 18 Oct 2022 11:14:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=nirdYmwokbpXeqVkYNFzt8Eipk/epsIbX52FFEV8pbk=; b=Tlx73MgWNquDHohorI8B/kzUFooAOxkEA1qn80ssHjbB8HbeBnSgDTHYOlrrAYcD2m U7BCXUdCcHVoS3PuxHPQN9sE0Q72xQ0p9XLYlM2mCKGEl5CxxbAdx0IYqWliaZDBziAE 9J+zbBFz+y0q+H3nYeePT6KN0aBPMZb1s5zj9DmeTlA7QD/LLaQVI8QqED5MSbjn0ZWu 5Db2DjalDKsXitEL0jPoAC66mCYWZJAHn6+86xFa7ySA4ggs0bi9ST2y5dyVTzzYJy0X iu8OZKcn6FCjYsuaW4bBpTCkM68QcYLj3qRNoU8w7/8i5a7kIubZcDLjYnBXMATBCrwS TgLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=nirdYmwokbpXeqVkYNFzt8Eipk/epsIbX52FFEV8pbk=; b=oEP+bI1DkLe+yn/NPxbVQM/VZgCZAYp3Fh7THT8aF5aa7irPKy6gcHb4FhLp4Bt1pu oruBm0VReuIJRCSrTGrzn+dF+eo476K40mtTHCCAqTaFNUNdoMcmcqYYxnm2X4tBZhsB SjELHNw8CDOtDVPUg5ivabJU7j9jZ6L0K7Hudbzo9CxpKb2Y+MdRyUi/8eihFk/mUC+G ji5VTEbixlsgxOJO9Bd+AdWxhSbclP9gskTsiltnLiVjAbv7HxRNH2d0dqnwqgSa9ZZn wmcq5hHgBsdvXOgcSYfG36hUziK3EDgAkFdLFQAUb6j78E+AoZ2i1c1WGJRYxFB6FXfb xdHg== X-Gm-Message-State: ACrzQf06cNaILwnpsS7K81sLkrn6fMvD4ri3Pm0Z9LDDUxyCwuIXDK/A 46X7CrCj3iLfUwBhPWX5/JyaYUQf03OXnj8/1tk66fBRXX4= X-Google-Smtp-Source: AMsMyM5azuJXmbwi4yC6viTwrJiKEyGRkjXxegRSaiP+UAdxAgKvN8/zFDPtqh2ad5bepws/x6hT16nl17vwkvmr274= X-Received: by 2002:a67:e284:0:b0:3a7:9c83:6880 with SMTP id g4-20020a67e284000000b003a79c836880mr2368261vsf.52.1666116857668; Tue, 18 Oct 2022 11:14:17 -0700 (PDT) MIME-Version: 1.0 References: <5ceebae4-a3fb-5d29-cdb7-dceed7b07c78@wcflabs.de> In-Reply-To: Date: Tue, 18 Oct 2022 11:14:05 -0700 Message-ID: To: =?UTF-8?Q?Tim_D=C3=BCsterhus?= Cc: Dan Ackroyd , =?UTF-8?Q?Joshua_R=C3=BCsweg?= , internals@lists.php.net Content-Type: multipart/alternative; boundary="00000000000074a93b05eb530f1f" Subject: Re: [PHP-DEV] RFC [Discussion]: Randomizer Additions From: jordan.ledoux@gmail.com (Jordan LeDoux) --00000000000074a93b05eb530f1f Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Oct 18, 2022 at 10:22 AM Tim D=C3=BCsterhus wrot= e: > > This cannot be reasonably done in userland, because you pay an increased > cost to turn the bytes into numbers and then to perform the necessary > bit fiddling to debias the numbers. > To add to this, I'm going to link to a userland implementation I wrote for my Fermat library. A couple of notes: 1. I am not at all claiming to be a subject matter expert, and this was my first pass at the feature, not a fully researched and optimized version. 2. The main issue at hand for me was that my 'numbers' could be arbitrary precision, which would require me to directly ask for bytes and then pull out numbers from them depending on the number of integer digits possible within the range. https://github.com/JordanRL/Fermat/blob/5d186eac99ceb98b089865099c2d7622428= bfdaa/src/Samsara/Fermat/Provider/RandomProvider.php#L128 Now again, this was my first pass, but the way I tackled this was to get a string of bytes that fully contained the integer range. The issue of debiasing the numbers with that approach is *so* difficult, that I opted instead to simply recursively call the operation until a number within the desired range was generated. This avoids introducing bias, but is obviously less than optimal. Some kind of ability to directly provide a set of possible characters and generating from bytes directly would at least reduce the recursion space further in my case, though my particular algorithm still needs additional improvement obviously. Generating random numbers that have an arbitrary range is not easy, particularly if your range might exceed PHP_INT_MAX. *Any* utilities that core can provide to improve performance and reduce the number of places that bias might be introduced in such a situation would be much appreciated. Personally, I decided for my implementation that introducing bias was a greater concern than performance. Jordan --00000000000074a93b05eb530f1f--