Opened 6 years ago

Last modified 13 months ago

#767 assigned enhancement

random seed should be more random

Reported by: zbigniew
Owned by:
Priority: not urgent at all
Milestone:
Component: core libraries
Version: 4.7.x
Keywords:
Cc:
Estimated difficulty: hard

Description

The default RNG is seeded with time(NULL) which only changes every 1 second. See CHICKEN_initialize in runtime.c. Actually it only changes every 2 seconds, as C_randomize expects a C_word and the bottom bit is therefore destroyed. Actually, on most platforms it may take up to a minute to change values, as rand() is crap. Example:

while :; do date; csi -p '(random 60000)'; done

Instead it should be seeded with pid XOR seconds XOR milliseconds. This is totally portable and doesn't involve replacing rand() with random() or anything else disruptive, just seeding with more random bits.

I will put together a patch to do this; it is a trivial fix.

Change History (3)

comment:1 Changed 6 years ago by zbigniew

Even worse, (randomize) only generates a new result once every 1,000 seconds, as (current-seconds) is divided by 1000. I will aim to fix this as well.

comment:2 Changed 6 years ago by zbigniew

  • Milestone 4.8.0 deleted
  • Owner zbigniew deleted
  • Priority changed from major to not urgent at all
  • Status changed from new to assigned
  • Type changed from defect to enhancement

I guess it is not trivial; the core would not support it without some disruptive changes, i.e. risking compilation failures on unusual platforms.

1) gettimeofday is not available in core on non-UNIX platforms, even though it is available in both mingw and cygwin themselves. Maybe that is historical.
2) getpid is available on unix and windows but perhaps not elsewhere?

In short, there's no easy way to get the process pid or the usec since epoch at initialization time from runtime.c.

With regard to Peter's hash table security patch, which was the impetus for this ticket -- as it requires a random fixnum when SRFI-69 is loaded --, an ugly workaround should be to use the randomization key in make-hash-table, as in

(use random-bsd)
(make-hash-table eq? hash size randomization: (random-fixnum 536870912))

random-bsd only seeds its own generator, not the system one, so unfortunately you can't just load it and affect the random sequence generated by the core RNG.

I'll leave this open, but at the lowest possible priority.
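
The seeding proposed in the description, set beside a model of the current behaviour, as an added example (not code from CHICKEN or from any patch attached to this ticket). It assumes a POSIX system for gettimeofday and getpid, which comment:2 notes are not uniformly available in core; the function names and the launch scenario are constructed for illustration.

```c
#include <stdio.h>
#include <sys/time.h>   /* gettimeofday: POSIX only, see comment:2 */
#include <unistd.h>     /* getpid */

/* Model of the current seed as the ticket describes it: time(NULL) is
   consumed as a tagged word, so its lowest bit is shifted away. */
unsigned long seed_current(unsigned long pid, unsigned long sec, unsigned long usec) {
    (void)pid; (void)usec;
    return sec >> 1;
}

/* Seed proposed in the ticket: pid XOR seconds XOR milliseconds. */
unsigned long seed_proposed(unsigned long pid, unsigned long sec, unsigned long usec) {
    return pid ^ sec ^ (usec / 1000);
}

typedef unsigned long (*seed_fn)(unsigned long, unsigned long, unsigned long);

/* Constructed scenario: n processes with consecutive pids, started 250 ms
   apart from an arbitrary epoch second. Returns how many distinct seeds
   the given function produces (at most 64 launches are considered). */
int distinct_seeds(seed_fn f, int n) {
    unsigned long seen[64];
    int count = 0;
    for (int i = 0; i < n && i < 64; i++) {
        unsigned long ms = (unsigned long)i * 250;
        unsigned long s = f(4000UL + i, 1700000000UL + ms / 1000, (ms % 1000) * 1000);
        int dup = 0;
        for (int j = 0; j < count; j++)
            if (seen[j] == s) dup = 1;
        if (!dup) seen[count++] = s;
    }
    return count;
}

int main(void) {
    struct timeval tv;
    gettimeofday(&tv, NULL);
    printf("8 launches in 2 s: current=%d distinct, proposed=%d distinct\n",
           distinct_seeds(seed_current, 8), distinct_seeds(seed_proposed, 8));
    printf("this process would seed with %lu\n",
           seed_proposed((unsigned long)getpid(), (unsigned long)tv.tv_sec,
                         (unsigned long)tv.tv_usec));
    return 0;
}
```

All three inputs are guessable by an observer, so this widens the set of seeds between runs without making the seed a secret.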

comment:3 Changed 13 months ago by sjamaan

  • Estimated difficulty set to hard