OK thanks for the info. This is a serious performance hit, but I
understand that the FPC implementation is different. Does FPC have a
faster (comparable to Delphi) version of Random() too?

@Michael,
Should the FPC docs maybe mention the fact that the FPC version is
considerably slower that Delphi (with an explanation why of course) -
purely for the purpose of informing those porting code from Delphi to
FPC. The original code in tiOPF is so slow, I almost thought the
program froze - thus making that code really unusable in an
application. Luckily that code will normally not be used in a real app
though. Delphi developers wanting to move to FPC should really be
warned about this, and use Random() sparingly.

I was reading a bit more about this. The Mersenne Twister (MT)
generator has a massive period of 2^19937−1, compared to the XorShift
generator, which in turn has a period of 2^128-1.

Most text I read mentions that MT is great for statistical purposes,
and performs well in its class.

So wouldn't it maybe make more sense to let the standard (read more
common) Random() call use a higher performance random number
generator, with a much lower period. Then add the MT generator as a
call to the Maths unit - where more statistical functions are located?

Most applications are not statistical apps, they just want a random
number here or there, so such high period low performance generator is
normally not required. Having it in the Maths unit still makes in
available when needed though - for those specialised apps.

Just a thought...

I absolutely despise such logic! It's a disgrace to the programming profession.
And in the mean time my code must run 529x slower than Delphi. Great.
Nice, now I need to riddle my code with IFDEF statements (making in
much harder to read) because lots of the code in question is shared
between Delphi and FPC. :-/

That's nonsense. The only thing that happens if computers speed
increases is, that you put more code into the same time slot. Otherwise
working with computers would have become blinding fast but the opposite
is the case. The speed increase of computers is overcompensated by
burdening more code on them (which is also a consequence of an attitude
like yours).

I have a program that generates data for a file to test network speed.
Currently I am testing on 100 MB/s. But soon my program will be used
for 1 GB/s networks. So the data generation has to speed up by a factor
of 10 if it should not slow down. It will never happen that the speed of
the computer will make the impact of the random() function delay go
away. If random() dominates your program it will do so in ten years too.

I don't know, how bad Delphis random generator is, but I once years ago did make a mistake
of calling randomize before random. It was a school assignment for using Turbo Pascal graphics.
So I made program, that was supposed to fill screen with random dots (colour was also set with
random). Anyway, when I called randomize before random, then as a result dots didn't fill the
screen, but were mostly along the diagonal of the screen. So I'd guess, that setting randseed
multiple times could be actually bad for randomness of results. Or maybe modern algorithms are
better at situations like this?

On Fri, Dec 9, 2011 at 9:39 AM, Graeme Geldenhuys
It is specifically written in the Delphi documentation that Random
should not be utilized for encryption...

It will improve the randomness of the generated numbers. Changing the
random seed all the time removes any properties the random generator
normally has. In other words, the original code is wrong.


Jonas

Well, lets go to theory :

One way to build a cypher is to XOR the stream that must be encrypted
against a fixed value.

But, this is easy to break using statistical methods.

So the next logical way to do this is to XOR the stream against
another stream of numbers, kind of one time password.

But, the stream of numbers must be shared by both ends.

How ? Simple, generate the stream on-the-fly using a PRNG.

Now you only need to share the seed of the PRNG and the encrypted stream.

But for this to work the same PRNG must be used on both ends, and the
PRNG must be strong enough with a period much longer than the size of
the data being encrypted.

Whats wrong with calling RANDOMIZE during the loop ? The problem is
that you keep seeding the PRNG with the Now() (current time stamp),
defeating the whole idea. Now, instead of XORing your plain text
against a pseudo-random sequence, you are XORing your plain text
against the current time/date, something quite easily predictable.

Even in your case, seeding a Mersenne Twister in every loop
interaction will put that algorithm exactly in its worst case : the
startup sequence.

The mersenne Twister is slow to start generating good random numbers.

So your program is bug to the guts in this case.

To solve this all you have to do is to guarantee that both
communication ends use the same random number generation algorithm and
seed. This will work. (IE.: the fix will break compatibility with old
binaries). And dont seed against the last result, thats not a good
idea (This will keep the MT restarting).

A good alternative to a simple encryption algorithm is to use
cryptographic hash functions like SHA.

hash your key using SHA.

Split your file in blocks the same size of the SHA key.

XOR the first block against the first key,

output the bytes.

Hash the SHA key itself, generating a second key,

XOR the second block against that second key.

repeat until end of data. PAD the last block to match the Hash size.