Really random ? - Externals

16 years ago by Kenan Sulayman — view source — reply

unread

Hello PHP internals,

I've been running several million tests regarding the
arithmetically-random-functions.

The returning value at the end:
Avg: mt_r: 1073848211.4106 r: 16384.155746685 ~8016909
Avg: mt_r: 1073904131.0286 r: 16384.164383921 ~8503575
Avg: mt_r: 1074010520.4456 r: 16384.091213092 ~13136327

Shape:
Avg: mt_r: { avg of mt_rand() } r: { avg of rand() } ~ { value of $i (
iterations ) }

Means:
Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286).
That's acceptable.

The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.

Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?

Thanks,

Life's Live Poetry

16 years ago by Pierre Joye — view source — reply

unread

hi,

I've been running several million tests regarding the
arithmetically-random-functions.

The returning value at the end:
Avg: mt_r: 1073848211.4106 r: 16384.155746685 ~8016909
Avg: mt_r: 1073904131.0286 r: 16384.164383921 ~8503575
Avg: mt_r: 1074010520.4456 r: 16384.091213092 ~13136327

Shape:
Avg: mt_r: { avg of mt_rand() } r: { avg of rand() } ~ { value of $i (
iterations ) }

Means:
Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286).
That's acceptable.

The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.

Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?

Use http://us.php.net/mtrand

Still some issues but already better.

Cheers,

Pierre

http://blog.thepimp.net | http://www.libgd.org

16 years ago by Pierre Joye — view source — reply

unread

hi,

And please disable this auto reply on your system:

"Der Server hat ihre Nachricht erfolgreich verarbeitet!
Vielen Dank,
Ihr KurealCorporation Kunden Service."

Cheers,

Pierre

http://blog.thepimp.net | http://www.libgd.org

16 years ago by Kenan Sulayman — view source — reply

unread

Hey Pierre!

Didn't I included the mt_rand function in my tests ?

Quote: "Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286)."

The mail was meant to make the rand(x) function more good;
I already use the mt_rand() function, but why should the rand(x) function
still be used, if it's so freakin' insecure ?

P.s.:
Thanks for the "And please disable this auto reply on your system:"; I
thought, I disabled that a year ago ;-P.

Your,

Life's Live Poetry

2009/3/4 Pierre Joye pierre.php@gmail.com

hi,

And please disable this auto reply on your system:

"Der Server hat ihre Nachricht erfolgreich verarbeitet!
Vielen Dank,
Ihr KurealCorporation Kunden Service."

Cheers,

Pierre

http://blog.thepimp.net | http://www.libgd.org

16 years ago by Stefan Walk — view source — reply

unread

Hey Pierre!

Didn't I included the mt_rand function in my tests ?

Quote: "Average of mersenne twister in 8016909 it's is
1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286)."

The mail was meant to make the rand(x) function more good;
I already use the mt_rand() function, but why should the rand(x)
function
still be used, if it's so freakin' insecure ?

I hope that by "insecure" you don't imply that you're using those
pseudorandom generators for cryptography purposes. As the manual
states, rand() uses the libc rand(), which can be desirable if you
want to generate the same sequence of numbers across languages. And
you don't need to complain about its drawbacks, because they are well-
known (see <http://en.wikipedia.org/wiki/Linear_congruential_generator#Advantages_and_disadvantages_of_LCGs

). If you want "secure" random numbers, use something that at least
tries to utilize "real" entropy. But that topic has nothing to do with
the development of PHP ...

Regards,
Stefan

16 years ago by Kenan Sulayman — view source — reply

unread

Guess you're right ;-D

Thanks!

Life's Live Poetry

2009/3/4 Stefan Walk et@php.net

Hey Pierre!

Didn't I included the mt_rand function in my tests ?

Quote: "Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286)."

The mail was meant to make the rand(x) function more good;
I already use the mt_rand() function, but why should the rand(x) function
still be used, if it's so freakin' insecure ?

I hope that by "insecure" you don't imply that you're using those
pseudorandom generators for cryptography purposes. As the manual states,
rand() uses the libc rand(), which can be desirable if you want to generate
the same sequence of numbers across languages. And you don't need to
complain about its drawbacks, because they are well-known (see <
http://en.wikipedia.org/wiki/Linear_congruential_generator#Advantages_and_disadvantages_of_LCGs>;).
If you want "secure" random numbers, use something that at least tries to
utilize "real" entropy. But that topic has nothing to do with the
development of PHP ...

Regards,
Stefan

16 years ago by Hartmut Holzgraefe — view source — reply

unread

Kenan Sulayman wrote:

The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.

Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?

there's a reason why mt_rand() is referred to as "Generate a better
random value" in the rand() documentation ;)

And i can't resist to add

http://web.archive.org/web/20011027002011/http://dilbert.com/comics/dilbert/archive/images/dilbert2001182781025.gif

--
Hartmut Holzgraefe, MySQL Regional Support Manager, EMEA

Sun Microsystems GmbH, Sonnenallee 1, 85551 Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB161028
Geschaeftsfuehrer: Thomas Schroeder, Wolfgang Engels, Dr. Roland Boemer
Vorsitzender des Aufsichtsrates: Martin Haering

16 years ago by Tim Starling — view source — reply

unread

Kenan Sulayman wrote:

Hello PHP internals,

I've been running several million tests regarding the
arithmetically-random-functions.

The returning value at the end:
Avg: mt_r: 1073848211.4106 r: 16384.155746685 ~8016909
Avg: mt_r: 1073904131.0286 r: 16384.164383921 ~8503575
Avg: mt_r: 1074010520.4456 r: 16384.091213092 ~13136327

Shape:
Avg: mt_r: { avg of mt_rand() } r: { avg of rand() } ~ { value of $i (
iterations ) }

Means:
Average of mersenne twister in 8016909 it's is 1073848211.4106 (
corresponding to that in 8503575 it's the avg. is 1073904131.0286).
That's acceptable.

The rand(x) function alters the avg in 5M iterations really by just 0.1 ?
Wow, that's creepy.

You're exhausting the period. It's not creepy, it's expected, for a
random number generator with only 16 bits of state.

Is there any way - to make it better ( or a bit as good as the m_twister is
? ) ?

No, apparently it's conventional to expose whatever crap PRNG the system
has lying around instead of forcing programmers to use one of the two
perfectly good ones that PHP bundles.

-- Tim Starling