NAME

Net::Random - get random data from online sources

SYNOPSIS

    my $rand = Net::Random->new( # use fourmilab.ch's randomness source,
        src => 'fourmilab.ch',   # and return results from 1 to 2000
        min => 1,
        max => 2000
    );
    @numbers = $rand->get(5);    # get 5 numbers
    
    my $rand = Net::Random->new( # use random.org's randomness source,
        src => 'random.org',     # with no explicit range - so values will
    );                           # be in the default range from 0 to 255

    $number = $rand->get();      # get 1 random number

OVERVIEW

The two sources of randomness above correspond to http://www.fourmilab.ch/cgi-bin/uncgi/Hotbits?nbytes=1024&fmt=hex and http://random.org/cgi-bin/randbyte?nbytes=1024&format=hex. We always get chunks of 1024 bytes at a time, storing it in a pool which is used up as and when needed. The pool is shared between all objects using the same randomness source. When we run out of randomness we go back to the source for more juicy random goodness.

If you have set a http_proxy variable in your environment, this will be honoured.

While we always fetch 1024 bytes, data can be used up one, two, three or four bytes at a time, depending on the range between the minimum and maximum desired values. There may be a noticeable delay while more random data is fetched. Warnings may be emitted in case of network problems.

The maintainers of both randomness sources claim that their data is *truly* random. A some simple tests show that they are certainly more random than the rand() function on this 'ere machine.

METHODS

new

The constructor returns a Net::Random object. It takes named parameters, of which one - 'src' - is compulsory, telling the module where to get its random data from. The 'min' and 'max' parameters are optional, and default to 0 and 255 respectively. Both must be integers, and 'max' must be at least min+1. The minimum value of 'min' is 0. The maximum value of 'max' is 2^32-1, the largest value that can be stored in a 32-bit int, or 0xFFFFFFFF.

Currently, the only valid values of 'src' are 'fourmilab.ch' and 'random.org'.

get

Takes a single optional parameter, which must be a positive integer. This determines how many random numbers are to be returned and, if not specified, defaults to 1.

If it fails to retrieve data, we return undef. Note that fourmilab.ch rations random data and you are only permitted to retrieve a certain amount of randomness in any 24 hour period.

BUGS

Doesn't handle really BIGNUMs. Patches are welcome to make it use Math::BigInt internally. Note that you'll need to calculate how many random bytes to use per result. I strongly suggest only using BigInts when absolutely necessary, because they are slooooooow.

Tests are a bit lame. Really needs to test the results to make sure they're as random as the input (to make sure I haven't introduced any bias) and in the right range. The current tests for whether the distributions look sane suck donkey dick.

SECURITY CONCERNS

True randomness is very useful for cryptographic applications. Unfortunately, I can not recommend using this module to produce such random data. While some simple testing shows that we can be fairly confident that it is random, and the published methodologies on both sites used looks sane, you can not, unfortunately, trust that you are getting unique data (ie, someone else might get the same bytes as you) or that they don't log who gets what data.

Be aware that if you use an http_proxy - or if your upstream uses a transparent proxy like some of the more shoddy consumer ISPs do - then that is another place that your randomness could be compromised.

I should stress that I *do* trust both site maintainers to give me data that is sufficiently random and unique for my own uses, but I can not recommend that you do too. As in any security situation, you need to perform your own risk analysis.

FEEDBACK

I welcome feedback about my code, especially constructive criticism.

I do *not* welcome automated bug reports from people who haven't read the README. Yes, CPAN-testers, that means you.

AUTHOR

David Cantrell <david@cantrell.org.uk>

Thanks are also due to the maintainers of the randomness sources. See their web sites for details on how to praise them.

Suggestions from the following people have been included: Rich Rauenzahn, for using an http_proxy; Wiggins d Anconia suggested I mutter in the docs about security concerns

COPYRIGHT

This module is free-as-in-speech software, and may be used, distributed, and modified under the same terms as Perl itself.

To install Net::Random, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::Random

CPAN shell

perl -MCPAN -e shell
install Net::Random

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)