Re: [Haskell-cafe] haskell-cafe brown out [Was: random library]

I get a daily digest from the mailing list and then cut out the bit that seemed relevant fwiw. Well done for caring about mailing lists :)

On 11 Oct 2017, at 17:28, Ian Zimmerman wrote:

On 2017-10-11 13:50, dominic@steinitz.org wrote:

...

...

Interesting library! Here's a link: http://hackage.haskell.org/package/DRBG-0.5.5/docs/Crypto-Random-DRBG.html http://hackage.haskell.org/package/DRBG-0.5.5/docs/Crypto-Random-DRBG.html

Thomas,

In the linked docs, there's a claim that Hash DRBG is the fastest cryptographically secure RNG on Hackage. Do you have a link to the benchmark results, or perhaps some updated ones? Unlike Viktor, I'm interested in less secure applications, but if the performance is good, it might be worth switching from the defacto random package.

Thanks, Jonathan

...

No-one should be using the de facto random package. It is slow and produces surprising results.

I think one of the posters suggested using mwc-random and splitting by using a different seed. Although mwc-random has reasonably good properties, there is no guarantee about how correlated the various streams of random numbers will be. QuickCheck uses tf-random to avoid such problems. There is also a version of SplitMix https://hackage.haskell.org/package/splitmix https://hackage.haskell.org/package/splitmix but I don’t think this has been heavily road-tested.

But in this case, cryptographically secure randomness is required so I would follow Thomas’ suggestion.

PS I just noticed my spellchecker changed defacto to defect! Perhaps AI is taking over.

Hello, may I ask how exactly you posted the above message?

Your message has no threading headers (In-Reply-To or References), but I _think_ I never received the message to which you appear to be reacting (that one by "Jonathan"). I cannot prove it beyond doubt because of the missing headers. Was "Jonathan"'s message posted on the haskell-cafe mailing list at all? Or what else is going on here?

Ian, who cares about his mailing lists

-- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. Do obvious transformation on domain to reply privately _only_ on Usenet.

Dominic Steinitz dominic@steinitz.org http://idontgetoutmuch.wordpress.com