mt_rand 的缺点是什么?
偏见的定义是什么:
mt_rand() 返回值的分布在 64 位上偏向偶数当 max 超过 2^32 时构建 PHP.
The distribution of mt_rand() return values is biased towards even numbers on 64-bit builds of PHP when max is beyond 2^32.
如果这是四舍五入的替代平局规则中所述的那种偏见,我不'不要认为这真的很重要(因为偏差并不明显).
If it's the kind of bias stated in alternate tie-breaking rules for rounding, I don't think it really matters (since the bias is not really visible).
除了 mt_rand()
被声称是四次比rand()
快,只需在前面加三个字符即可!
Besides mt_rand()
is claimed to be four times faster than rand()
, just by adding three chars in front!
假设 mt_rand
可用,使用它的缺点是什么?
Assuming mt_rand
is available, what's the disadvantage of using it?
推荐答案
mt_rand
使用 Mersenne Twister 算法,远优于 LCGLCG代码>rand.例如,LCG 的周期是微不足道的 232,而 mt_rand 的周期是 219937 − 1.此外,LCG 生成的所有值将 躺在线上或平面绘制到多维空间中时.此外,确定LCG的参数不仅在实践中可行,而且相对容易.LCG 的唯一优势是速度可能稍快一些,但其规模与在 php 中编码时完全无关.
mt_rand
uses the Mersenne Twister algorithm, which is far better than the LCG typically used by rand
. For example, the period of an LCG is a measly 232, whereas the period of mt_rand is 219937 − 1. Also, all the values generated by an LCG will lie on lines or planes when plotted into a multidimensional space. Also, it is not only practically feasible, but relatively easy to determine the parameters of an LCG. The only advantage LCGs have is being potentially slightly faster, but on a scale that is completely irrelevant when coding in php.
但是,mt_rand
也不适合用于加密目的(生成令牌、密码或加密密钥).
However, mt_rand
is not suitable for cryptographic purposes (generation of tokens, passwords or cryptographic keys) either.
如果您需要加密随机性,请在 php 7 中使用 random_int
.在较旧的 php 上版本,在符合 POSIX 的操作系统上从 /dev/urandom
或 /dev/random
读取.
If you need cryptographic randomness, use random_int
in php 7. On older php versions, read from /dev/urandom
or /dev/random
on a POSIX-conforming operating system.
相关文章