Date: Tue, 17 Mar 2015 13:10:53 -0500
From: Pedro Giffuni <pfg@FreeBSD.org>
To: dennis.hamilton@acm.org, freebsd-numerics@FreeBSD.org
Subject: Re: Random number generators
Message-ID: <55086E2D.9080806@FreeBSD.org>
In-Reply-To: <00a001d060d7$0077f100$0167d300$@acm.org>
References: <7CBD7758-9472-4A2E-8065-EC6E68EE8DAB@FreeBSD.org> <20150317060310.GA21975@troutmask.apl.washington.edu> <F6137E2C-FDF2-46B3-BFC2-1975AFA40951@FreeBSD.org> <00a001d060d7$0077f100$0167d300$@acm.org>
Hi Dennis;

On 03/17/15 12:22, Dennis E. Hamilton wrote:
> There is a lot of discussion about qualities of Random Number generators on cryptography lists. MT is not a good choice for that, but it might not need to be important for other applications.
>
> There has been some recent work, PCG, that has attracted some attention, <http://www.pcg-random.org/>. There are good videos explaining what the approach is about as well. PCG also has implementations in C. (It is under the Apache License 2.0 too: <https://github.com/imneme/pcg-c-basic> for a minimal family and <https://github.com/imneme/pcg-c> for ones with extended capabilities.)
>
> The analysis of what does and doesn't work, and how passing diehard is too easy, is also valuable.
>
> If you are serious about crypto grade randomness, libc is probably not the answer. Generally, I don't think reliance on a single generator for general purpose use and for cryptographic quality is going to work well. This is a very context-sensitive situation and addressing specific threat models against cryptographic PRGs is a very different matter from wanting unpredictable and good quality pseudo-randoms for simulations and other purposes.

The pcg-random link seems to be down now but for crypto, we have arc4random(3) which is pretty good and about to be improved further.

Pedro.
