Closed Bug 354840 Opened 18 years ago Closed 12 years ago

Give web pages a way to obtain high-quality random numbers (e.g. for crypto key or password generation)

Categories

(Core :: JavaScript Engine, enhancement)

Product:
Core
Component:
JavaScript Engine
Platform:
PowerPC
macOS
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 440046

People

(Reporter: jruderman, Unassigned)

References

Details

There are some sites that use JavaScript to generate passwords, etc. I bet they would be happy if they could use high-quality random numbers instead of the easily attacked Math.random(). (One site, http://www.fourmilab.ch/javascrypt/, has its own entropy collector. But I'd think the page usually isn't loaded long enough to get a decent amount of entropy from mouse movements...)
No. Mersenne Twister is a pseudo-random number generator, not a source of high-quality random bits. It's not even especially strong against attacks that try to determine the PRNG's state by looking at its output.
(In reply to comment #0) > There are some sites that use JavaScript to generate passwords, etc. I bet > they would be happy if they could use high-quality random numbers instead of > the easily attacked Math.random(). window.crypto.random() is intended for this purpose. Marking this bug as dependent on 440046.
Depends on: 440046
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.