[whatwg] Cryptographically strong random numbers

Brendan Eich brendan at mozilla.com
Tue Feb 22 13:36:28 PST 2011


I'm from the "better to ask forgiveness than permission" school, so I'm rooting for Adam's work to catch on among browsers and ultimately reach w3c standardization.

Even the typed array usage is "ok" if we harmonize the tiny subset of typed arrays used there (no aliasing!) with http://wiki.ecmascript.org/doku.php?id=strawman:binary_data -- which is dherman's plan.

If the crypto.getRandomValues API becomes popular and other JS embeddings than ones with the DOM joined at the hip want it, we can "move" (more likely, copy) it into a core language module spec. TC39 will be standardizing more "library code" over time.

I agree that Math.random is a coveted name and we shouldn't add something different in form but better in fit lightly.

However, Math.random is a source of bugs as Amit Klein has shown, and these can't all be fixed by using a better non-CS PRNG underneath Math.random and still decimating to an IEEE double in [0, 1]. The use-cases Klein explored need both a CS-PRNG and more bits, IIRC. Security experts should correct amateur-me if I'm mistaken.

/be
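
An added illustration of the last point in the message above, not code from the post or from the proposal it discusses: a double has a 53-bit significand, so one Math.random() call cannot carry a 128-bit value whatever generator sits underneath, while crypto.getRandomValues fills an integer typed array of any width from a CS-PRNG. The helper names (cryptoApi, randomBytes, randomHex, randomBigInt) are chosen here for the example.

```javascript
// Added example; helper names are assumptions, not part of any spec.
// Browsers expose `crypto` globally; older Node.js needs the fallback.
const cryptoApi = globalThis.crypto ?? require('node:crypto').webcrypto;

// getRandomValues rejects requests larger than 65536 bytes per call,
// so larger buffers are filled one chunk at a time.
const QUOTA = 65536;

function randomBytes(n) {
  if (!Number.isInteger(n) || n < 0) {
    throw new RangeError('n must be a non-negative integer');
  }
  const out = new Uint8Array(n);
  for (let off = 0; off < n; off += QUOTA) {
    // subarray() is a view on the same buffer, so `out` is filled in place.
    cryptoApi.getRandomValues(out.subarray(off, Math.min(off + QUOTA, n)));
  }
  return out;
}

function toHex(bytes) {
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}

// Hex token with nBytes * 8 bits of CS-PRNG output (16 bytes = 128 bits).
function randomHex(nBytes) {
  return toHex(randomBytes(nBytes));
}

// Uniform integer in [0, 2^bits), returned as a BigInt because anything
// above 2^53 cannot be held exactly in the double Math.random returns.
function randomBigInt(bits) {
  if (!Number.isInteger(bits) || bits < 1) {
    throw new RangeError('bits must be a positive integer');
  }
  const bytes = randomBytes(Math.ceil(bits / 8));
  const surplus = bytes.length * 8 - bits;
  bytes[0] &= 0xff >> surplus; // clear high bits beyond the requested width
  return BigInt('0x' + toHex(bytes));
}
```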

