←back to thread

Inverting the Xorshift128 random number generator

(littlemaninmyhead.wordpress.com)
108 points rurban | 3 comments | 31 Aug 25 18:49 UTC | HN request time: 0.001s | source
Show context
delduca ◴[04 Sep 25 13:41 UTC] No.45127193[source]
I have recently replaced Lua's random for this implemetation

https://nullonerror.org/2025/08/02/replacing-lua-s-math-rand...

replies(2): >>45128081 #>>45135705 #
bazzargh ◴[04 Sep 25 15:02 UTC] No.45128081[source]
A word of caution. A few years ago we had a production impact event where customers were getting identical cookies (and so started seeing each others sessions). When I took a look at the code, what I found was that they were doing something very like your code - using a time() based seed and an PRNG.

Whenever we deployed new nginx configs, those servers would roll out and restart, getting _similar_ time() results in the seed. But the individual nginx workers? Their seeds were nearly identical. Not every call to the PRNG was meant for UUIDs, but enough were that disaster was inevitable.

The solution is to use a library that leverages libuuid (via ffi or otherwise). A "native lua" implementation is always going to miss the entropy sources available in your server and generate clashes if it's seeded with time(). (eg https://github.com/Kong/lua-uuid, https://github.com/bungle/lua-resty-uuid)

replies(4): >>45128343 #>>45128442 #>>45130303 #>>45130355 #
1. magicalhippo ◴[04 Sep 25 18:12 UTC] No.45130355[source]
Had this issue on a ray tracer I worked on. Since sampling was supposed to be random, you could fire it up on multiple machines and just average the result to get a lower noise image.

Except the distributed code fired it up all worker instances almost simultaneously and the code used time() to seed the RNG, so many workers ended up using the same seed and hence averaging those results did nothing.

replies(1): >>45131284 #
2. 01HNNWZ0MV43FF ◴[04 Sep 25 19:29 UTC] No.45131284[source]
I am reminded of an article about a poker site:

"There are 52-factorial ways to shuffle a deck of cards, but the site's PRNG only has 32 bits of state. 4 billion is alarmingly less than 52-factorial! But even worse, the PRNG is seeded using the number of milliseconds since midnight. 86 million is alarmingly less than 4 billion!"

So the actual entropy on the card table was equivalent to about 5 cards' worth. After seeing the 2 cards in his hand, and the 3 cards in the flop, he could use a program to solve for every other card in everyone's hand and in the entire deck!

(I may have mixed up many details - If anyone has an archive of the article please post it!)

replies(1): >>45132819 #
3. degamad ◴[04 Sep 25 22:12 UTC] No.45132819[source]
I assume you're talking about

https://web.archive.org/web/20140210072712/http://www.laurad...

Previously on HN

https://news.ycombinator.com/item?id=7207851