You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Source of some entropy looks like important for testing, but not only. Unfortunatelly looks that there is not much available entropy in compiler. The only provided by standard are __TIME__ and __DATE__ macros, but they usually provide build time only with resolution to single second. Therefore more entropy is required. Current solution makes also use of:
__INCLUDE_LEVEL__ (depth of inclusion - may vary depending on how preprocessor goes to header file with definition),
__BASE_FILE__ (name of current compilation unit - so independent on definition itself),
__VERSION__ (string with version of compiler in use - vendors have no specific pattern on this string).
All of the above are vendor specific, so they are used only if available.
Additionally randomDevice should not generate single value. Therefore it should have some seed. So iota and transform algorithms may generate whoe sequence of random values.
Moreover current implementation is initial one. So should not be considered as cryptographically safe. Fine concept for future improvements is to generate some random string from entropy sources and reduce it with some hash functions (they are considered as fine pseudo-random generators). However that would require further research to find balance between randomness (as close to white noise as possible - so all values should be equally propable) and compilation time. There is large variety of hash functions (even if reduced only to cryptographically safe ones) so this task looks like hard and long research.
Hence lets start with this simple, initial version.
Therefore if you have any idea, comment or anything please join discussion.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Source of some entropy looks like important for testing, but not only. Unfortunatelly looks that there is not much available entropy in compiler. The only provided by standard are
__TIME__
and__DATE__
macros, but they usually provide build time only with resolution to single second. Therefore more entropy is required. Current solution makes also use of:__INCLUDE_LEVEL__
(depth of inclusion - may vary depending on how preprocessor goes to header file with definition),__BASE_FILE__
(name of current compilation unit - so independent on definition itself),__VERSION__
(string with version of compiler in use - vendors have no specific pattern on this string).All of the above are vendor specific, so they are used only if available.
Additionally randomDevice should not generate single value. Therefore it should have some seed. So
iota
andtransform
algorithms may generate whoe sequence of random values.Moreover current implementation is initial one. So should not be considered as cryptographically safe. Fine concept for future improvements is to generate some random string from entropy sources and reduce it with some hash functions (they are considered as fine pseudo-random generators). However that would require further research to find balance between randomness (as close to white noise as possible - so all values should be equally propable) and compilation time. There is large variety of hash functions (even if reduced only to cryptographically safe ones) so this task looks like hard and long research.
Hence lets start with this simple, initial version.
Therefore if you have any idea, comment or anything please join discussion.
Beta Was this translation helpful? Give feedback.
All reactions