better random numbers

Raffaello Giulietti raffaello.giulietti at gmail.com
Tue Sep 7 09:53:05 UTC 2021


Hello,


On 2021-09-05 16:43, Andrew Haley wrote:
> On 9/3/21 12:35 AM, John Rose wrote:
> 
>> The reference I’d like to give here is to Dr. Melissa O’Neill’s
>> website and articles:
> 
> I'm quite sceptical. Anyone who says a (non-cryptographic) random-
> number generator is "hard to predict" is either quite naive or in a
> state of sin, (;-) and while O’Neill’s argument seems sound, it
> doesn't seem to have convinced the academic world.
> 
> Lemire is thoughtful:
> https://lemire.me/blog/2017/08/15/on-melissa-oneills-pcg-random-number-generator/
> 

On this blog entry (year 2017), Lemire is not giving any technical or 
scientific argument in favor or against PCG.

He also refers to, and quotes from, a blog entry (year 2015) of an 
influential researcher (whose work he respects) suggesting the entry has 
harsh words about PCG. The fact is, that entry doesn't mention PCG or 
O'Neill at all and the quotation is not found there.

Looking at Lemire's formal papers, they don't seem to be about PRNGs, 
except for one (curiously written with O'Neill herself in 2019!) about 
statistical tests of variants of Xorshift and Xoroshiro.

I'm not competent on PRNGs at all. Still, I wouldn't rely on Lemire's 
blog entry when it comes to PCG. I'd rather look for other (rare) 
re/sources.

> I wonder about AES, which can do (on Apple M1) 2 parallel rounds per
> clock cycle. I'm quite tempted to try a reduced-round AES on the
> TestU01 statistical tests. Maybe 6 rounds? However, there can be a
> long latency between FPU and integer CPU, so perhaps it's not such a
> great idea. Also, you have to load the key registers before you can
> generate a random number, so it only really works if you want to
> generate a lot of bits at a time. But it is maybe 128 randomish bits
> per a few clock cycles.
> 


More information about the core-libs-dev mailing list