On Feb 22, 2011, at 2:00 PM, Jorge wrote: > On 22/02/2011, at 22:36, Brendan Eich wrote: >> (...) >> >> However, Math.random is a source of bugs as Amit Klein has shown, and these >> can't all be fixed by using a better non-CS PRNG underneath Math.random and >> still decimating to an IEEE double in [0, 1]. The use-cases Klein explored >> need both a CS-PRNG and more bits, IIRC. Security experts should correct >> amateur-me if I'm mistaken. > > .replace( /1]/gm, '1)' ) ?
Right. Reading more of Amit Klein's papers, the rounding to IEEE double also seems problematic. Again, I'm not the crypto-droid you are looking for. /be
