Hello PHP internals,
I've been running several million tests regarding the
arithmetically-random-functions.
The returning value at the end:
Avg: mt_r: 1073848211.4106 r: 16384.155746685 ~8016909
Avg: mt_r: 1073904131.0286 r: 16384.164383921 ~8503575
Avg: mt_r: 1074010520.4456 r: 16384.091213092 ~13136327
Shape:
Avg: mt_r: { avg of mt_rand()
} r: { avg of rand()
} ~ { value of $i (
iterations ) }
Means:
Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286).
That's acceptable.
The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.
Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?
Thanks,
(c) Kenan Sulayman
Freelance Designer and Programmer
Life's Live Poetry
hi,
I've been running several million tests regarding the
arithmetically-random-functions.The returning value at the end:
Avg: mt_r: 1073848211.4106 r: 16384.155746685 ~8016909
Avg: mt_r: 1073904131.0286 r: 16384.164383921 ~8503575
Avg: mt_r: 1074010520.4456 r: 16384.091213092 ~13136327Shape:
Avg: mt_r: { avg ofmt_rand()
} r: { avg ofrand()
} ~ { value of $i (
iterations ) }Means:
Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286).
That's acceptable.The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?
Still some issues but already better.
Cheers,
Pierre
hi,
And please disable this auto reply on your system:
"Der Server hat ihre Nachricht erfolgreich verarbeitet!
Vielen Dank,
Ihr KurealCorporation Kunden Service."
Cheers,
Pierre
Hey Pierre!
Didn't I included the mt_rand function in my tests ?
Quote: "Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286)."
The mail was meant to make the rand(x) function more good;
I already use the mt_rand()
function, but why should the rand(x) function
still be used, if it's so freakin' insecure ?
P.s.:
Thanks for the "And please disable this auto reply on your system:"; I
thought, I disabled that a year ago ;-P.
Your,
(c) Kenan Sulayman
Freelance Designer and Programmer
Life's Live Poetry
2009/3/4 Pierre Joye pierre.php@gmail.com
hi,
And please disable this auto reply on your system:
"Der Server hat ihre Nachricht erfolgreich verarbeitet!
Vielen Dank,
Ihr KurealCorporation Kunden Service."Cheers,
Pierre
Hey Pierre!
Didn't I included the mt_rand function in my tests ?
Quote: "Average of mersenne twister in 8016909 it's is
1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286)."The mail was meant to make the rand(x) function more good;
I already use themt_rand()
function, but why should the rand(x)
function
still be used, if it's so freakin' insecure ?
I hope that by "insecure" you don't imply that you're using those
pseudorandom generators for cryptography purposes. As the manual
states, rand()
uses the libc rand()
, which can be desirable if you
want to generate the same sequence of numbers across languages. And
you don't need to complain about its drawbacks, because they are well-
known (see <http://en.wikipedia.org/wiki/Linear_congruential_generator#Advantages_and_disadvantages_of_LCGs
). If you want "secure" random numbers, use something that at least
tries to utilize "real" entropy. But that topic has nothing to do with
the development of PHP ...
Regards,
Stefan
Guess you're right ;-D
Thanks!
(c) Kenan Sulayman
Freelance Designer and Programmer
Life's Live Poetry
2009/3/4 Stefan Walk et@php.net
Hey Pierre!
Didn't I included the mt_rand function in my tests ?
Quote: "Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286)."The mail was meant to make the rand(x) function more good;
I already use themt_rand()
function, but why should the rand(x) function
still be used, if it's so freakin' insecure ?I hope that by "insecure" you don't imply that you're using those
pseudorandom generators for cryptography purposes. As the manual states,
rand()
uses the libcrand()
, which can be desirable if you want to generate
the same sequence of numbers across languages. And you don't need to
complain about its drawbacks, because they are well-known (see <
http://en.wikipedia.org/wiki/Linear_congruential_generator#Advantages_and_disadvantages_of_LCGs>).
If you want "secure" random numbers, use something that at least tries to
utilize "real" entropy. But that topic has nothing to do with the
development of PHP ...Regards,
Stefan
Kenan Sulayman wrote:
The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?
there's a reason why mt_rand()
is referred to as "Generate a better
random value" in the rand()
documentation ;)
And i can't resist to add
--
Hartmut Holzgraefe, MySQL Regional Support Manager, EMEA
Sun Microsystems GmbH, Sonnenallee 1, 85551 Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB161028
Geschaeftsfuehrer: Thomas Schroeder, Wolfgang Engels, Dr. Roland Boemer
Vorsitzender des Aufsichtsrates: Martin Haering
Kenan Sulayman wrote:
Hello PHP internals,
I've been running several million tests regarding the
arithmetically-random-functions.The returning value at the end:
Avg: mt_r: 1073848211.4106 r: 16384.155746685 ~8016909
Avg: mt_r: 1073904131.0286 r: 16384.164383921 ~8503575
Avg: mt_r: 1074010520.4456 r: 16384.091213092 ~13136327Shape:
Avg: mt_r: { avg ofmt_rand()
} r: { avg ofrand()
} ~ { value of $i (
iterations ) }Means:
Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286).
That's acceptable.The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.
You're exhausting the period. It's not creepy, it's expected, for a
random number generator with only 16 bits of state.
Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?
No, apparently it's conventional to expose whatever crap PRNG the system
has lying around instead of forcing programmers to use one of the two
perfectly good ones that PHP bundles.
-- Tim Starling