Someone has claimed that this is broken: https://github.com/Sc00bz/break-uheprng

The first criticism, while valid, is an anachronism as there wasn't Web Crypto when this RNG was written. The other criticisms are fully valid though and should at least make everyone do a double take whether this is fine for their needs or not.
Sorry to belabor something lots of readers already know: The long key may (or may not) be packed with entropy. But a pseudo-random number generator at best preserves the entropy in the key.
> Latin Squares are 'n'x'n' grids containing exactly one of each of 'n' symbols in every horizontal row and vertical column [...]

> Although mathematicians have been unable to determine how many different 26x26 [Latin] Squares can be created, they have been able to determine that the number is at least 9.337 x 10^426, or approximately 2^1418

Seems surprising that the number hasn't been calculated exactly. I'd have guessed it's a mechanically solvable but tedious combinatorics problem, but obviously not.
Something about using a PRNG with a large internal state just to generate an output in a large space of possibilities feels wrong to me. If you have enough entropy to fill a high entropy RNG, why not use all that entropy to generate the output in the first place?

Also I'm curious how they generate the latin squares, their claims require a uniform distribution of some kind, which is interesting.
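To make the "mechanically solvable but tedious" point concrete, here is an added example (not code from UHEPRNG or from the linked repository) that enumerates every Latin square of small order by backtracking, validates the Latin-square property, and checks the quoted 9.337 x 10^426 lower bound against the 2^1418 figure. Exact counts are only practical for tiny n; the search space explodes long before n = 26.

```python
import math

def is_latin_square(grid):
    """True if grid is n x n and every row and column holds each symbol 0..n-1 exactly once."""
    n = len(grid)
    symbols = set(range(n))
    if any(len(row) != n for row in grid):
        return False
    rows_ok = all(set(row) == symbols for row in grid)
    cols_ok = all({grid[r][c] for r in range(n)} == symbols for c in range(n))
    return rows_ok and cols_ok

def count_latin_squares(n):
    """Exact count of n x n Latin squares over symbols 0..n-1.
    Fills cells row-major and prunes any symbol already used in the row or column.
    Known values: n=1..5 -> 1, 2, 12, 576, 161280; growth is super-exponential."""
    row_used = [set() for _ in range(n)]
    col_used = [set() for _ in range(n)]
    total = 0

    def fill(pos):
        nonlocal total
        if pos == n * n:          # all cells placed: one complete Latin square
            total += 1
            return
        r, c = divmod(pos, n)
        for s in range(n):
            if s in row_used[r] or s in col_used[c]:
                continue          # would repeat a symbol in this row or column
            row_used[r].add(s)
            col_used[c].add(s)
            fill(pos + 1)
            row_used[r].discard(s)
            col_used[c].discard(s)

    fill(0)
    return total

def lower_bound_bits(mantissa=9.337, exponent=426):
    """log2 of the quoted lower bound 9.337 x 10^426, computed without overflowing
    a float: log2(m * 10^e) = log2(m) + e * log2(10). Should land near 1418."""
    return math.log2(mantissa) + exponent * math.log2(10)

def cyclic_square(n):
    """One easily constructed Latin square: cell (r, c) = (r + c) mod n.
    Sampling only such squares is far from uniform over all n x n Latin squares."""
    return [[(r + c) % n for c in range(n)] for r in range(n)]
```

Comparing count_latin_squares(n) with the number of cyclic squares and their row/column relabelings illustrates why a generator must be checked for uniformity rather than assumed to reach all 2^1418 squares.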
This is not a good way to generate "secure" random numbers, and the "visits every possible state" is not a good metric.

Computing the cryptographic hash of a 1536-bit counter will have better properties (and less handwaving) than this function.
Can someone explain to me the value of this? Like, is there value in the "pseudo" that you don't get from a "real" one?

Like, I'm thinking of e.g. the Cloudflare lava lamp thing, and like, isn't that better in every way?