Chris's Wiki :: blog/programming/CryptographicVsNormalPRNG Commentshttps://utcc.utoronto.ca/~cks/space/blog/programming/CryptographicVsNormalPRNG?atomcommentsDWiki2012-10-30T11:51:53ZRecent comments in Chris's Wiki :: blog/programming/CryptographicVsNormalPRNG.From 96.235.146.193 on /blog/programming/CryptographicVsNormalPRNGtag:CSpace:blog/programming/CryptographicVsNormalPRNG:9bd36820b71ea0dee501e0f74c6fefdd7204e601From 96.235.146.193<div class="wikitext"><p>Note that several common languages don't have decent (in the sense of "vaguely as good as MT") <code>rand()</code> implementation.</p>
<p>Specifically, I'm talking about perl, java, and (since it's starting to get used for more serious things lately) javascript. You might also throw php in there, since its <code>rand()</code> isn't decent, though it has a builtin <code>mt_rand</code><code>()</code> that is.</p>
<p><code>java.util.Random</code>'s faults are pretty well-known among people who know they need to watch their PRNG, but those aren't the programmers you have to watch out for. Fortunately, the workaround is pretty easy too - just replace <code>new Random()</code> with <code>new SecureRandom()</code>, and use as before. Still, that requires that someone care enough to go do that.</p>
</div>2012-10-30T11:51:53Z