On Fri, Nov 19, 2021 at 1:09 PM Jason McKesson via Std-Proposals <
std-proposals_at_[hidden]> wrote:

>
> I get the idea that calling `random_device` 624 times for 32-bits at a
> time is not necessarily a good idea. But maybe we should be teaching
> people not to use RNGs that have 624-integer seeds instead of making
> it harder for people to use RNGs with more reasonable seed sizes.
>

+1, obviously. :)


> Or we could split the difference by allowing the user to provide an
> integer number for the maximum number of values to extract from
> `random_device`. Maybe even make providing the integer mandatory.
>

The operation of "specifying a number of bits to take from random_device,
and then 'key-stretching' those into a larger seed value suitable for
MT19937," sounds like a perfect job for... a PRNG. ;)

// Consume a lot of randomness from the OS to seed mt19937
auto g = nonstd::mt19937(std::random_device{});

// Consume only 256 bits of randomness from the OS to seed xoshiro256ss;
// then consume a lot of *pseudo*-randomness from xoshiro256ss to seed
mt19937
auto g = nonstd::mt19937(nonstd::xoshiro256ss(std::random_device{}));

–Arthur