Date:      Tue, 17 Mar 2015 13:39:26 -0500
From:      Pedro Giffuni <pfg@FreeBSD.org>
To:        Mehmet Erol Sanliturk <m.e.sanliturk@gmail.com>
Cc:        dennis.hamilton@acm.org, freebsd-numerics@freebsd.org
Subject:   Re: Random number generators
Message-ID:  <550874DE.3060700@FreeBSD.org>
In-Reply-To: <CAOgwaMs3Wz7JSx7R+m0ikSV6_kknaRn+V6ZF01cjLL3S4j-VJg@mail.gmail.com>
References:  <7CBD7758-9472-4A2E-8065-EC6E68EE8DAB@FreeBSD.org> <20150317060310.GA21975@troutmask.apl.washington.edu> <F6137E2C-FDF2-46B3-BFC2-1975AFA40951@FreeBSD.org> <00a001d060d7$0077f100$0167d300$@acm.org> <55086E2D.9080806@FreeBSD.org> <CAOgwaMs3Wz7JSx7R+m0ikSV6_kknaRn+V6ZF01cjLL3S4j-VJg@mail.gmail.com>

Hi;

On 03/17/15 13:18, Mehmet Erol Sanliturk wrote:
>
>
> On Tue, Mar 17, 2015 at 11:10 AM, Pedro Giffuni <pfg@freebsd.org> wrote:
>
>     Hi Dennis;
>
>     On 03/17/15 12:22, Dennis E. Hamilton wrote:
>
>         There is a lot of discussion about qualities of Random Number
>         generators on cryptography lists.  MT is not a good choice for
>         that, but it might not need to be important for other
>         applications.
>
>         There has been some recent work, PCG, that has attracted some
>         attention, <http://www.pcg-random.org/>. There are good videos
>         explaining what the approach is about as well.  PCG also has
>         implementations in C.  (It is under the Apache License 2.0
>         too: <https://github.com/imneme/pcg-c-basic> for a minimal
>         family and <https://github.com/imneme/pcg-c> for ones with
>         extended capabilities.)
>
>         The analysis of what does and doesn't work, and how passing
>         diehard is too easy, is also valuable.
>
>         If you are serious about crypto grade randomness, libc is
>         probably not the answer.  Generally, I don't think reliance on
>         a single generator for general purpose use and for
>         cryptographic quality is going to work well. This is a very
>         context-sensitive situation and addressing specific threat
>         models against cryptographic PRGs is a very different matter
>         from wanting unpredictable and good quality pseudo-randoms for
>         simulations and other purposes.
>
>
>     The pcg-random link seems to be down now but for crypto, we have
>     arc4random(3) which is pretty good and about to be improved further.
>
>     Pedro.
>
>
> Three of the above links are accessible from here at Izmir, in Turkey.
>

It just came up here. It looks like PCG compares favorably with 
ChaCha20, but
this is PCG's page and the comparison is not very clear ("Secure" vs 
"Challenging"?)

It may be worth considering though.

Pedro.
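The thread's point that one generator cannot serve both simulation and cryptographic needs is easy to see in code. The example below is added here and is not part of the original thread or of any FreeBSD or PCG code: it uses Python's `random` (an MT19937 implementation) for a reproducible Monte Carlo estimate, shows that a copy of MT's internal state determines every future output (fine for checkpointing a simulation, disqualifying for secrets), and uses `secrets` (backed by the OS CSPRNG via `os.urandom`) for tokens. The function names, the pi estimator and the sample sizes are constructed for illustration.

```python
"""Two generators for two jobs (added example, not from the original thread).

random  -> MT19937: seedable, reproducible, state exportable; use for simulation.
secrets -> OS CSPRNG (os.urandom): no seed, no exportable state; use for secrets.
"""
import math
import random
import secrets


def monte_carlo_pi(seed, samples=200_000):
    """Estimate pi with a seeded MT19937.

    Reproducibility is a feature here: the same seed must give the same
    estimate so a simulation run can be repeated and audited.
    """
    rng = random.Random(seed)          # private instance, not the global state
    inside = 0
    for _ in range(samples):
        x, y = rng.random(), rng.random()
        if x * x + y * y <= 1.0:
            inside += 1
    return 4.0 * inside / samples


def mt_is_reproducible(seed, n=10):
    """Two MT instances with the same seed emit the identical 32-bit stream."""
    a = random.Random(seed)
    b = random.Random(seed)
    return [a.getrandbits(32) for _ in range(n)] == [b.getrandbits(32) for _ in range(n)]


def mt_future_is_determined_by_state(n=10):
    """A snapshot of MT's state (getstate/setstate, public API) reproduces
    every subsequent output. That is exactly the property a cryptographic
    generator must NOT have: unpredictability must survive state exposure.
    """
    rng = random.Random()              # seeded from the OS, but still MT
    snapshot = rng.getstate()
    first = [rng.getrandbits(32) for _ in range(n)]
    clone = random.Random()
    clone.setstate(snapshot)
    return first == [clone.getrandbits(32) for _ in range(n)]


def session_token(nbytes=32):
    """Draw a token from the OS CSPRNG; 32 bytes -> 64 hex characters."""
    return secrets.token_hex(nbytes)


def tokens_are_unique(count=1000):
    """Sanity check: independent CSPRNG draws do not repeat in practice."""
    toks = {session_token() for _ in range(count)}
    return len(toks) == count


if __name__ == "__main__":
    print("pi estimate (seed 1234):", monte_carlo_pi(1234))
    print("MT reproducible:", mt_is_reproducible(7))
    print("MT future fixed by state:", mt_future_is_determined_by_state())
    print("token:", session_token())
    print("CSPRNG tokens unique:", tokens_are_unique())
```

The design point is the split itself: the simulation code never touches `secrets`, and the token code never touches `random`, so neither use case can silently inherit the wrong property from the other.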



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?550874DE.3060700>