I can't state that it's cryptographically sound*, but if I
wanted a "comfortably random" number I'd do something like:
read a pseudo-random number of bytes from /dev/random then
pass the results through md5sum. I'd be comfortable using
rand() to determine how many bytes to get from /dev/random.
*I'm neither a mathematician nor a cryptographer; I didn't
sleep at a Comfort Inn last night either. I've read Applied
Cryptography though. There are also "true" random number
streams available on the net. One of the more interesting
ones uses a Lava Lamp as it's entropy source, others use
radioactive decay, outer-space radio noise, etc.
Steve
> This is an excellent go, and I'll only make one kibbitz technically:
>
> \_ $randigit = int( rand( $base) );
>
> Do you trust rand() to be random?
>
> It's probably mostly random as far as humans can tell, but computers?
> rand('maybe', 'maybe not'). :-)
>
> David
--
Carpe cerevisiae
(text/plain)