On 9/3/21 12:35 AM, John Rose wrote:
> The reference I'd like to give here is to Dr. Melissa O'Neill's
> website and articles:

I'm quite sceptical. Anyone who says a (non-cryptographic) random-number generator is "hard to predict" is either quite naive or in a state of sin, (;-) and while O'Neill's argument seems sound, it doesn't seem to have convinced the academic world. Lemire is thoughtful:

https://lemire.me/blog/2017/08/15/on-melissa-oneills-pcg-random-number-generator/

I wonder about AES, which can do (on Apple M1) 2 parallel rounds per clock cycle. I'm quite tempted to try a reduced-round AES on the TestU01 statistical tests. Maybe 6 rounds?

However, there can be a long latency between FPU and integer CPU, so perhaps it's not such a great idea. Also, you have to load the key registers before you can generate a random number, so it only really works if you want to generate a lot of bits at a time. But it is maybe 128 randomish bits per a few clock cycles.

-- 
Andrew Haley (he/him)
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
https://keybase.io/andrewhaley
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671