[Haskell-cafe] haskell-cafe brown out [Was: random library]

dominic at steinitz.org dominic at steinitz.org
Sat Oct 14 13:09:51 UTC 2017 

I get a daily digest from the mailing list and then cut out the bit that seemed relevant fwiw. Well done for caring about mailing lists :)

> On 11 Oct 2017, at 17:28, Ian Zimmerman <itz at very.loosely.org> wrote:
> 
> On 2017-10-11 13:50, dominic at steinitz.org wrote:
> 
>>> Interesting library! Here's a link:
>>> http://hackage.haskell.org/package/DRBG-0.5.5/docs/Crypto-Random-DRBG.html
>>> <http://hackage.haskell.org/package/DRBG-0.5.5/docs/Crypto-Random-DRBG.html>
>>> 
>>> Thomas,
>>> 
>>> In the linked docs, there's a claim that Hash DRBG is the fastest
>>> cryptographically secure RNG on Hackage. Do you have a link to the
>>> benchmark results, or perhaps some updated ones? Unlike Viktor, I'm
>>> interested in less secure applications, but if the performance is
>>> good, it might be worth switching from the defacto random package.
>>> 
>>> Thanks, Jonathan
> 
>> No-one should be using the de facto random package. It is slow and
>> produces surprising results.
>> 
>> I think one of the posters suggested using mwc-random and splitting by
>> using a different seed. Although mwc-random has reasonably good
>> properties, there is no guarantee about how correlated the various
>> streams of random numbers will be. QuickCheck uses tf-random to avoid
>> such problems. There is also a version of SplitMix
>> https://hackage.haskell.org/package/splitmix
>> <https://hackage.haskell.org/package/splitmix> but I don’t think this
>> has been heavily road-tested.
>> 
>> But in this case, cryptographically secure randomness is required so I
>> would follow Thomas’ suggestion.
>> 
>> PS I just noticed my spellchecker changed defacto to defect! Perhaps
>> AI is taking over.
> 
> Hello, may I ask how exactly you posted the above message?
> 
> Your message has no threading headers (In-Reply-To or References), but I
> _think_ I never received the message to which you appear to be reacting
> (that one by "Jonathan").  I cannot prove it beyond doubt because of the
> missing headers.  Was "Jonathan"'s message posted on the haskell-cafe
> mailing list at all?  Or what else is going on here?
> 
> Ian, who cares about his mailing lists
> 
> -- 
> Please don't Cc: me privately on mailing lists and Usenet,
> if you also post the followup to the list or newsgroup.
> Do obvious transformation on domain to reply privately _only_ on Usenet.

Dominic Steinitz
dominic at steinitz.org
http://idontgetoutmuch.wordpress.com

More information about the Haskell-Cafe mailing list