Why is the use of rand() considered bad?

by

There are two parts to this story.

First, rand is a pseudorandom number generator. This means it depends on a seed. For a given seed it will always give the same sequence (assuming the same implementation). This makes it not suitable for certain applications where security is of a great concern. But this is not specific to rand. It’s an issue with any pseudo-random generator. And there are most certainly a lot of classes of problems where a pseudo-random generator is acceptable. A true random generator has its own issues (efficiency, implementation, entropy) so for problems that are not security related most often a pseudo-random generator is used.

So you analyzed your problem and you conclude a pseudo-random generator is the solution. And here we arrive to the real troubles with the C random library (which includes rand and srand) that are specific to it and make it obsolete (a.k.a.: the reasons you should never use rand and the C random library).

  • One issue is that it has a global state (set by srand). This makes it impossible to use multiple random engines at the same time. It also greatly complicates multithreaded tasks.

  • The most visible problem of it is that it lacks a distribution engine: rand gives you a number in interval [0 RAND_MAX]. It is uniform in this interval, which means that each number in this interval has the same probability to appear. But most often you need a random number in a specific interval. Let’s say [0, 1017]. A commonly (and naive) used formula is rand() % 1018. But the issue with this is that unless RAND_MAX is an exact multiple of 1018 you won’t get an uniform distribution.

  • Another issue is the Quality of Implementation of rand. There are other answers here detailing this better than I could, so please read them.

In modern C++ you should definitely use the C++ library from <random> which comes with multiple random well-defined engines and various distributions for integer and floating point types.

More Related Contents:

  1. Why do people say there is modulo bias when using a random number generator?
  2. How to generate a random number in C++?
  3. Generate random numbers using C++11 random library
  4. Why does rand() yield the same sequence of numbers on every run?
  5. How to generate different random numbers in a loop in C++?
  6. Create Random Number Sequence with No Repeats
  7. Random number generation in C++11: how to generate, how does it work? [closed]
  8. Using stdlib’s rand() from multiple threads
  9. Generate random numbers following a normal distribution in C/C++
  10. Same random numbers every loop iteration
  11. generate random double numbers in c++
  12. Random array generation with no duplicates
  13. How does modulus and rand() work?
  14. Need for predictable random generator
  15. Random number c++ in some range [duplicate]
  16. What is the optimal algorithm for generating an unbiased random integer within a range?
  17. If we seed c++11 mt19937 as the same on different machines, will we get the same sequence of random numbers
  18. How often should I call srand() in a C++ application?
  19. How do I generate thread-safe uniform random numbers?
  20. Consistent pseudo-random numbers across platforms
  21. Getting big random numbers in C/C++
  22. srand(time(NULL)) generating similar results [duplicate]
  23. Generating a random integer from a range
  24. Is 1.0 a valid output from std::generate_canonical?
  25. Same random numbers every time I run the program
  26. The implementation of random_device in VS2010?
  27. C++11 random numbers
  28. C++ function for picking from a list where each element has a distinct probability
  29. C++ uniform_int_distribution always returning min() on first invocation
  30. Generate N random numbers within a range with a constant sum

Leave a Comment