6 replies to this topic

[KillaVanilla]

Hello all.

This API implements the ISAAC CSPRNG (cryptographically-secure pseudo-random number generator) in Lua. In addition, it also implements the Mersenne Twister PRNG.

Functions:

• initialize_mt_generator(seed) - Seed the Mersenne Twister.
  
• extract_mt(min, max) - Get a number from the Mersenne Twister (min and max default to 0 and 2^32-1.)
  
• seed_from_mt(seed) - Seed the ISAAC algorithm, optionally seeding the Mersenne Twister beforehand.
  
• generate_isaac(entropy) - Generate a new batch of numbers from the ISAAC algorithm, optionally seeding it with numbers from a provided table with seed values. If you are seeding with your own entropy, remember that you need at least 256 values, and that each value must be less than 2^32-1.
  
• random(min, max) - Get a number from the ISAAC algorithm. (again, min and max default to 0 and 2^32-1)

Get it here. Pastebin code: D1th4Htw

[Sammich Lord]

So this is basically a true random number generator?

[Spongy141]

cant you just do

local number = math.random(<up a number>)

To get a random number..?

[KillaVanilla]

Sammich Lord, on 15 April 2013 - 07:20 AM, said:

So this is basically a true random number generator?

Yeah. Two, to be exact.

Spongy141, on 15 April 2013 - 07:24 AM, said:

cant you just do

local number = math.random(<up a number>)

To get a random number..?

Yes, but the numbers that math.random generates may not be suitable for cryptography.

[ElvishJerricco]

I'm going to use this in my Project NewLife system if that's ok. You will be credited.

[M4sh3dP0t4t03]

As far as I see it simply gets a pseudo-random number as a seed from math.random() and processes it with some other functions. But if the pseudo-random seed is the same, the number you get is the same, too. So this would be predictable and not a true random number generator. Correct me if I'm wrong.

[ElvishJerricco]

KingOfNoobs, on 24 May 2013 - 06:32 AM, said:

As far as I see it simply gets a pseudo-random number as a seed from math.random() and processes it with some other functions. But if the pseudo-random seed is the same, the number you get is the same, too. So this would be predictable and not a true random number generator. Correct me if I'm wrong.

It's not meant to be a true random number generator. It's meant to be a cryptographically secure one. To be secure, the generator cannot be predictable. With linear random number generators (the fast ones like math.random in lua) you can see the previous value and determine what the next one will be. With this algorithm, and with all cryptographically secure generators, even if you've seen all the numbers emitted so far, you cannot predict the next number. You have to know the seed, which is usually a well kept secret from hackers. But with this particular implementation, there's an element that clears the "entropy" every time math.random(1, 100) == 50. This makes it so that even sharing the same seed doesn't guarantee the same sequence.