
On Sat, Feb 28, 2015 at 8:39 PM, Edward Kmett
* random
We've had some truly excellent work done over the last couple of years on how to deal with "splitting" a random number generator in a cryptographically sound manner. I spent some time cleaning up a few outstanding issues for this package personally over the summer, but have not had nearly enough time to devote to the issue of how to integrate the outcome of the recent research on splitting, while simultaneously caring about performance and soundness.
'random' has been on bad footing for a while in terms of API and functionality. I can reproduce my issues if desired, but a core question seems to be acceptability. Is tf-random not pleasing to enough people? Or is the splitting too slow? I don't currently know of any users who want high-performing _and_ cryptographically sound generators, though that would be great to have. I am only currently aware of cryptographic PRNGs with slow(ish) split times and statistically decent PRNGs with good split times. I've had to fix two commercial projects now that had used StdGen, so I'm willing to do significant work getting a PRNG with both properties if we can quantify the performance requirements. So far my best options appear to be tf-random or an 800-90 style CTR DRBG that computes large buffers, resulting in high memory use and decent _amortized_ performance (including split).

-TomMD