Hacker News

Rust does this.

IMO, it's not worth it: It makes working with random numbers very problematic when working on cryptographic use cases.



Could you clarify this? What problems would you run into just from having the default RNG be secure?


Performance / getting a seed


Why is the default thread_rng from the rand crate a dealbreaker for Rust? There are other rngs to choose from rand, like `smallrng`, which is a small, fast, unspecified default prng if you don't know what you want even for a prng. If the worst case 300 microseconds of the reseeding ChaCha12 default rng is measurable, then it is your job to make a decision about your random number generator.

I don't think rng seeding has anything to do with the algorithm you choose? Seeding from the os rng is usually what you want even for a prng. If you want to use the current time, there is a `seed_from_u64` if you want.


Seeding from the clock is perfectly appropriate for games, audio / video processing, etc.

Seeding from an entropy source is critical for encryption, but that can take time depending on how it works.


Too late to edit: I meant non-cryptographic use cases


This makes much more sense
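The clock-versus-entropy seeding point discussed in the thread, as an added example that is not code from any commenter or from the rand crate: it uses only the standard library, with SplitMix64 as an assumed stand-in for a small fast PRNG, and `token_from_seed`, `seed_in_window`, `clock_seed` and `os_seed` are hypothetical helper names. It shows that a seed taken from the clock comes from a tiny, enumerable range, which is why it suits games but not secrets. `os_seed` assumes a Unix-like system with `/dev/urandom`.

```rust
use std::fs::File;
use std::io::Read;
use std::time::{SystemTime, UNIX_EPOCH};

/// SplitMix64: small, fast, NOT cryptographic. Stand-in for a "small fast PRNG".
struct SplitMix64(u64);

impl SplitMix64 {
    fn next_u64(&mut self) -> u64 {
        self.0 = self.0.wrapping_add(0x9E37_79B9_7F4A_7C15);
        let mut z = self.0;
        z = (z ^ (z >> 30)).wrapping_mul(0xBF58_476D_1CE4_E5B9);
        z = (z ^ (z >> 27)).wrapping_mul(0x94D0_49BB_1331_11EB);
        z ^ (z >> 31)
    }
}

/// 128 bits of output derived from a 64-bit seed (hypothetical "token").
fn token_from_seed(seed: u64) -> [u64; 2] {
    let mut rng = SplitMix64(seed);
    [rng.next_u64(), rng.next_u64()]
}

/// Audit check: was `token` produced by any seed in [start, end]?
/// A one-hour window of second-resolution clock seeds is only 3601 candidates.
fn seed_in_window(token: [u64; 2], start: u64, end: u64) -> Option<u64> {
    (start..=end).find(|&s| token_from_seed(s) == token)
}

/// Seed from the wall clock: fine for games and simulations.
fn clock_seed() -> u64 {
    SystemTime::now().duration_since(UNIX_EPOCH).expect("clock before epoch").as_secs()
}

/// Seed from the OS entropy source (assumes /dev/urandom exists).
/// This only fixes the seed; the generator above is still not a CSPRNG.
fn os_seed() -> std::io::Result<u64> {
    let mut buf = [0u8; 8];
    File::open("/dev/urandom")?.read_exact(&mut buf)?;
    Ok(u64::from_le_bytes(buf))
}

fn main() {
    let now = clock_seed();
    let weak = token_from_seed(now);
    let strong = token_from_seed(os_seed().expect("no OS entropy source"));
    println!("clock seed found in last hour: {:?}", seed_in_window(weak, now - 3600, now));
    println!("OS seed found in last hour:    {:?}", seed_in_window(strong, now - 3600, now));
}
```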



