Hacker News new | ask | show | jobs
by wilsonthewhale 1961 days ago
No mention of arc4random(3)? Seems like a solved problem in BSD land.

The key takeaways I feel like are: 1. You want as simple of an interface as possible. arc4random(3) returns a single random 32 bit integer, or you can tell it to fill a buffer with them. 2. Just make it cryptographically secure. arc4random does it and it seems to be fine.
2 comments
MauranKilom 1961 days ago
> No mention of arc4random(3)? Seems like a solved problem in BSD land.

Do you mean the "real" arc4random algorithm, or ChaCha20 (which is what arc4random actually is on OpenBSD)?

See also:

> OpenBSD was sufficiently dissatisfied with it that they replaced it with a generator based on the ChaCha20 stream cipher.

https://www.pcg-random.org/other-rngs.html

link
iainmerrick 1961 days ago
The only problem is the weird name. It should just be random().

If there’s a not-so-good-but-faster version, call it fastRandom() or cheapRandom() or randomish() or something like that.

link