 

How to properly seed random number generator

Tags: random, go

I am trying to generate a random string in Go and here is the code I have written so far:

    package main

    import (
        "bytes"
        "fmt"
        "math/rand"
        "time"
    )

    func main() {
        fmt.Println(randomString(10))
    }

    func randomString(l int) string {
        var result bytes.Buffer
        var temp string
        for i := 0; i < l; {
            if string(randInt(65, 90)) != temp {
                temp = string(randInt(65, 90))
                result.WriteString(temp)
                i++
            }
        }
        return result.String()
    }

    func randInt(min int, max int) int {
        rand.Seed(time.Now().UTC().UnixNano())
        return min + rand.Intn(max-min)
    }

My implementation is very slow. Seeding using time brings the same random number for a certain time, so the loop iterates again and again. How can I improve my code?

copperMan asked Sep 07 '12 15:09




2 Answers

Each time you set the same seed, you get the same sequence. So of course if you're setting the seed to the time in a fast loop, you'll probably call it with the same seed many times.

In your case, as you're calling your randInt function until you have a different value, you're waiting for the time (as returned by Nano) to change.

As for all pseudo-random libraries, you have to set the seed only once, for example when initializing your program unless you specifically need to reproduce a given sequence (which is usually only done for debugging and unit testing).

After that you simply call Intn to get the next random integer.

Move the rand.Seed(time.Now().UTC().UnixNano()) line from the randInt function to the start of the main and everything will be faster. And lose the .UTC() call since:

UnixNano returns t as a Unix time, the number of nanoseconds elapsed since January 1, 1970 UTC.

Note also that I think you can simplify your string building:

    package main

    import (
        "fmt"
        "math/rand"
        "time"
    )

    func main() {
        // Seed once, at program start.
        rand.Seed(time.Now().UnixNano())
        fmt.Println(randomString(10))
    }

    func randomString(l int) string {
        bytes := make([]byte, l)
        for i := 0; i < l; i++ {
            bytes[i] = byte(randInt(65, 90))
        }
        return string(bytes)
    }

    // randInt returns a value in [min, max): rand.Intn(n) never returns n.
    func randInt(min int, max int) int {
        return min + rand.Intn(max-min)
    }

Denys Séguret answered Sep 21 '22 10:09


I don't understand why people are seeding with a time value. This has in my experience never been a good idea. For example, while the system clock is maybe represented in nanoseconds, the system's clock precision isn't nanoseconds.

This program should not be run on the Go playground but if you run it on your machine you get a rough estimate on what type of precision you can expect. I see increments of about 1000000 ns, so 1 ms increments. That's 20 bits of entropy that are not used. All the while the high bits are mostly constant!? Roughly ~24 bits of entropy over a day which is very brute forceable (which can create vulnerabilities).

The degree that this matters to you will vary but you can avoid pitfalls of clock based seed values by simply using the crypto/rand.Read as source for your seed. It will give you that non-deterministic quality that you are probably looking for in your random numbers (even if the actual implementation itself is limited to a set of distinct and deterministic random sequences).

    import (
        crypto_rand "crypto/rand"
        "encoding/binary"
        math_rand "math/rand"
    )

    func init() {
        var b [8]byte
        _, err := crypto_rand.Read(b[:])
        if err != nil {
            panic("cannot seed math/rand package with cryptographically secure random number generator")
        }
        math_rand.Seed(int64(binary.LittleEndian.Uint64(b[:])))
    }

As a side note but in relation to your question. You can create your own rand.Source using this method to avoid the cost of having locks protecting the source. The rand package utility functions are convenient but they also use locks under the hood to prevent the source from being used concurrently. If you don't need that you can avoid it by creating your own Source and use that in a non-concurrent way. Regardless, you should NOT be reseeding your random number generator between iterations, it was never designed to be used that way.


Edit: I used to work in ITAM/SAM and the client we built (then) used a clock based seed. After a Windows update a lot of machines in the company fleet rebooted at roughly the same time. This caused an involuntary DoS attack on upstream server infrastructure because the clients were using system up time to seed randomness and these machines ended up more or less randomly picking the same time slot to report in. They were meant to smear the load over a period of an hour or so but that did not happen. Seed responsibly!

John Leidegren answered Sep 21 '22 10:09
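The clock-granularity point from the second answer, worked through as an added example that is not code from either answer: two processes that start inside the same clock tick get the same seed and therefore the same string, while a seed read from crypto/rand does not depend on start time. The helper names clockSeed, candidateSeeds and cryptoSeed, the changed randomString signature and the timestamp are constructed for illustration; the 1 ms tick is the increment that answer reports seeing.

```go
package main

import (
	crand "crypto/rand"
	"encoding/binary"
	"fmt"
	mrand "math/rand"
	"time"
)

// randomString draws n letters A-Z (inclusive) from a private generator that is
// seeded exactly once; a private Source takes no lock and is not goroutine-safe.
func randomString(seed int64, n int) string {
	r := mrand.New(mrand.NewSource(seed))
	b := make([]byte, n)
	for i := range b {
		b[i] = byte('A' + r.Intn(26))
	}
	return string(b)
}

// clockSeed models a clock that only advances once per tick: every start time
// inside the same tick collapses to the same seed.
func clockSeed(t time.Time, tick time.Duration) int64 {
	return t.Truncate(tick).UnixNano()
}

// candidateSeeds counts the distinct seeds such a clock can yield in window.
func candidateSeeds(window, tick time.Duration) int64 {
	return int64(window / tick)
}

// cryptoSeed reads 64 bits from the OS CSPRNG, as the second answer's init does.
func cryptoSeed() int64 {
	var b [8]byte
	if _, err := crand.Read(b[:]); err != nil {
		panic("cannot read seed from crypto/rand: " + err.Error())
	}
	return int64(binary.LittleEndian.Uint64(b[:]))
}

func main() {
	boot := time.Date(2012, 9, 7, 15, 9, 0, 0, time.UTC) // constructed timestamp
	a := randomString(clockSeed(boot.Add(100*time.Microsecond), time.Millisecond), 10)
	b := randomString(clockSeed(boot.Add(900*time.Microsecond), time.Millisecond), 10)
	fmt.Println(a == b, candidateSeeds(24*time.Hour, time.Millisecond))
	fmt.Println(randomString(cryptoSeed(), 10))
}
```

A seed from crypto/rand only makes the starting point unpredictable; values that must stay secret, such as tokens or keys, should be drawn from crypto/rand directly rather than from math/rand.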