From owner-freebsd-numerics@FreeBSD.ORG Tue Mar 17 18:12:42 2015
Message-ID: <55086E2D.9080806@FreeBSD.org>
Date: Tue, 17 Mar 2015 13:10:53 -0500
From: Pedro Giffuni
To: dennis.hamilton@acm.org, freebsd-numerics@FreeBSD.org
Subject: Re: Random number generators
References: <7CBD7758-9472-4A2E-8065-EC6E68EE8DAB@FreeBSD.org> <20150317060310.GA21975@troutmask.apl.washington.edu> <00a001d060d7$0077f100$0167d300$@acm.org>
In-Reply-To: <00a001d060d7$0077f100$0167d300$@acm.org>
List-Id: "Discussions of high quality implementation of libm functions."

Hi Dennis;

On 03/17/15 12:22, Dennis E. Hamilton wrote:
> There is a lot of discussion about qualities of Random Number generators on cryptography lists. MT is not a good choice for that, but it might not need to be important for other applications.
>
> There has been some recent work, PCG, that has attracted some attention, . There are good videos explaining what the approach is about as well. PCG also has implementations in C. (It is under the Apache License 2.0 too: for a minimal family and for ones with extended capabilities.)
>
> The analysis of what does and doesn't work, and how passing diehard is too easy, is also valuable.
>
> If you are serious about crypto grade randomness, libc is probably not the answer. Generally, I don't think reliance on a single generator for general purpose use and for cryptographic quality is going to work well. This is a very context-sensitive situation and addressing specific threat models against cryptographic PRGs is a very different matter from wanting unpredictable and good quality pseudo-randoms for simulations and other purposes.

The pcg-random link seems to be down now but for crypto, we have arc4random(3) which is pretty good and about to be improved further.

Pedro.
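The split the thread argues for, a seeded deterministic generator for simulations and a separate CSPRNG for anything secret, as an added example that is not part of the thread and not FreeBSD libc code. The PCG32 step and seeding routine are re-implemented here from the published minimal PCG algorithm (the Apache-2.0 family Dennis mentions), not copied from it. On FreeBSD/OpenBSD the secret path uses arc4random_buf(3), the interface Pedro refers to; on other systems it assumes getrandom(2) via <sys/random.h>. The Monte Carlo pi estimate is a constructed workload chosen only to show why reproducibility matters on the simulation side.

```c
/* Added example: two generators for two jobs. The seeded PCG32 below is for
 * reproducible simulation only; secrets come from the OS CSPRNG. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#if defined(__FreeBSD__) || defined(__OpenBSD__)
#include <stdlib.h>      /* arc4random_buf(3): the CSPRNG the thread mentions */
#else
#include <sys/random.h>  /* getrandom(2); assumption: glibc >= 2.25 or musl */
#endif

typedef struct { uint64_t state; uint64_t inc; } pcg32_t;

/* One PCG32 step: 64-bit LCG advance plus the XSH-RR output permutation
 * (re-implementation of the published minimal algorithm). */
static uint32_t pcg32_next(pcg32_t *rng)
{
    uint64_t old = rng->state;
    rng->state = old * 6364136223846793005ULL + rng->inc;
    uint32_t xorshifted = (uint32_t)(((old >> 18u) ^ old) >> 27u);
    uint32_t rot = (uint32_t)(old >> 59u);
    /* rot may be 0; (-rot) & 31 keeps the left shift within 0..31 */
    return (xorshifted >> rot) | (xorshifted << ((-rot) & 31u));
}

/* Seed from a caller-chosen (initstate, stream) pair so runs are repeatable. */
static void pcg32_seed(pcg32_t *rng, uint64_t initstate, uint64_t stream)
{
    rng->state = 0u;
    rng->inc = (stream << 1u) | 1u;   /* increment must be odd */
    pcg32_next(rng);
    rng->state += initstate;
    pcg32_next(rng);
}

/* Simulation workload: Monte Carlo estimate of pi from n seeded samples.
 * Same seed and stream give the same estimate, which is the property a
 * simulation wants and a key generator must never have. */
static double pi_estimate(uint64_t seed, uint64_t stream, unsigned n)
{
    pcg32_t g;
    unsigned inside = 0;
    pcg32_seed(&g, seed, stream);
    for (unsigned i = 0; i < n; i++) {
        double x = pcg32_next(&g) / 4294967296.0;  /* [0,1) */
        double y = pcg32_next(&g) / 4294967296.0;
        if (x * x + y * y < 1.0)
            inside++;
    }
    return 4.0 * inside / n;
}

/* Fill buf with OS CSPRNG output for keys, nonces, tokens.
 * Returns 0 on success, -1 if the kernel source failed. */
static int fill_secret(void *buf, size_t len)
{
#if defined(__FreeBSD__) || defined(__OpenBSD__)
    arc4random_buf(buf, len);
    return 0;
#else
    size_t got = 0;
    while (got < len) {
        ssize_t n = getrandom((char *)buf + got, len - got, 0);
        if (n < 0)
            return -1;
        got += (size_t)n;
    }
    return 0;
#endif
}

int main(void)
{
    uint8_t key[16];
    printf("pi (seed 42, stream 54, 100000 samples): %f\n", pi_estimate(42, 54, 100000));
    if (fill_secret(key, sizeof key) != 0) {
        fprintf(stderr, "CSPRNG unavailable\n");
        return 1;
    }
    printf("16 CSPRNG bytes obtained (not printed: secrets stay out of logs)\n");
    return 0;
}
```

The point of keeping the two paths in separate functions is that code review can grep for pcg32_* in anything that produces a key or token and reject it; the seeded generator exists to be replayed, the CSPRNG exists to be unguessable, and the thread's objection to "one generator for everything" is exactly that those two goals contradict each other.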