Date: Tue, 17 Mar 2015 13:10:53 -0500 From: Pedro Giffuni <pfg@FreeBSD.org> To: dennis.hamilton@acm.org, freebsd-numerics@FreeBSD.org Subject: Re: Random number generators Message-ID: <55086E2D.9080806@FreeBSD.org> In-Reply-To: <00a001d060d7$0077f100$0167d300$@acm.org> References: <7CBD7758-9472-4A2E-8065-EC6E68EE8DAB@FreeBSD.org> <20150317060310.GA21975@troutmask.apl.washington.edu> <F6137E2C-FDF2-46B3-BFC2-1975AFA40951@FreeBSD.org> <00a001d060d7$0077f100$0167d300$@acm.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Dennis; On 03/17/15 12:22, Dennis E. Hamilton wrote: > There is a lot of discussion about qualities of Random Number generators on cryptography lists. MT is not a good choice for that, but it might not need to be important for other applications. > > There has been some recent work, PCG, that has attracted some attention, <http://www.pcg-random.org/>. There are good videos explaining what the approach is about as well. PCG also has implementations in C. (It is under the Apache License 2.0 too: <https://github.com/imneme/pcg-c-basic>; for a minimal family and <https://github.com/imneme/pcg-c>; for ones with extended capabilities.) > > The analysis of what does and doesn't work, and how passing diehard is too easy, is also valuable. > > If you are serious about crypto grade randomness, libc is probably not the answer. Generally, I don't think reliance on a single generator for general purpose use and for cryptographic quality is going to work well. This is a very context-sensitive situation and addressing specific threat models against cryptographic PRGs is a very different matter from wanting unpredictable and good quality pseudo-randoms for simulations and other purposes. The pcg-random link seems to be down now but for crypto, we have arc4random(3) which is pretty good and about to be improved further. Pedro.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55086E2D.9080806>