转载

V8 Engine 的 Math.random() 在新版被重寫了...

先前在「 V8 的 Math.random() 亂度不足的問題」提到 Math.random() 因為使用 MWC1616 ( Fast random number generation using 128 bit multimedia extension registers on Pentium class machines ) 而不夠亂的問題。

這個問題在新版 V8 Engine 提出改善了：「 There's Math.random(), and then there's Math.random() 」。

新實作的方法是 xorshift128+ ，擁有極長的 period length：

This has been pointed out to us, and having understood the problem and after some research, we decided to reimplement Math.random based on an algorithm called xorshift128+. It uses 128 bits of internal state, has a period length of 2 ¹²⁸ - 1, and passes all tests from the TestU01 suite.

將會在 Google Chrome 49 (目前是 47) 引入：

The new implementation landed in V8 4.9.41.0 within a few days of us becoming aware of the issue. It will become available with Chrome 49. Both Firefox and Safari switched to xorshift128+ as well.

同時還是再次提醒，這不是 CSPRNG ，要用在密碼學相關應用還是要用專門的 library 來產生 pseudo random number：

Make no mistake however: even though xorshift128+ is a huge improvement over MWC1616, it still is not cryptographically secure.

正文到此结束