Random number generators
Pedro Giffuni
pfg at FreeBSD.org
Tue Mar 17 18:44:27 UTC 2015
Hi;
On 03/17/15 13:18, Mehmet Erol Sanliturk wrote:
>
>
> On Tue, Mar 17, 2015 at 11:10 AM, Pedro Giffuni <pfg at freebsd.org
> <mailto:pfg at freebsd.org>> wrote:
>
> Hi Dennis;
>
> On 03/17/15 12:22, Dennis E. Hamilton wrote:
>
> There is a lot of discussion about qualities of Random Number
> generators on cryptography lists. MT is not a good choice for
> that, but it might not need to be important for other
> applications.
>
> There has been some recent work, PCG, that has attracted some
> attention, <http://www.pcg-random.org/>. There are good videos
> explaining what the approach is about as well. PCG also has
> implementations in C. (It is under the Apache License 2.0
> too: <https://github.com/imneme/pcg-c-basic> for a minimal
> family and <https://github.com/imneme/pcg-c> for ones with
> extended capabilities.)
>
> The analysis of what does and doesn't work, and how passing
> diehard is too easy, is also valuable.
>
> If you are serious about crypto grade randomness, libc is
> probably not the answer. Generally, I don't think reliance on
> a single generator for general purpose use and for
> cryptographic quality is going to work well. This is a very
> context-sensitive situation and addressing specific threat
> models against cryptographic PRGs is a very different matter
> from wanting unpredictable and good quality pseudo-randoms for
> simulations and other purposes.
>
>
> The pcg-random link seems to be down now but for crypto, we have
> arc4random(3) which is pretty good and about to be improved further.
>
> Pedro.
>
> _______________________________________________
>
>
>
> Three of the above links are accessible from here at Izmir , in Turkey .
>
It just came up here. It looks like PCG compares favorably with
ChaCha20, but
this is PCG's page and the comparison is not very clear ("Secure" vs
"Challenging"?)
It may be worth considering though.
Pedro.
More information about the freebsd-numerics
mailing list