Engine list

List of the Pseudo-Random Number Generators (PRNG), called “engines”, of the Hasard library.

Good PRNG

All of these generators can be used for games or physical simulations. They are uniform. Except for GSL and KISS, the seed is at least 128 bits.

  • arcfour
    • Arcfour (RC4)
    • http://en.wikipedia.org/wiki/RC4
    • Supports set_seed(int) and set_seed(bytes)
    • Seed: 2048 bits
    • the period is larger than 10^100 (~2^332.2), see: “Stream Ciphers”, RSA Laboratories Technical Report TR-701, July 1995
  • mersenne_twister
  • isaac
  • glib
    • g_rand_int(), g_rand_double_range(), g_rand_set_seed() functions of the glib library.
    • http://www.gtk.org/
    • Implements Mersenne Twister
    • Seed: 128 bits
    • Tick range: [0; 4294967295]
  • dev_nonblocking
    • UNIX/BSD device /dev/urandom
    • Non-blocking and unsafe
  • openssl_pseudo
    • RAND_pseudo_bytes() function of the OpenSSL library
  • gcrypt_strong
    • gcry_randomize(GCRY_STRONG_RANDOM) function of the gcrypt library
    • for session keys
    • non-blocking
  • gsl
    • gsl_rng_get(), gsl_rng_uniform_int(), gsl_rng_uniform() and gsl_rng_set() functions of the GSL library.
    • Uses the default algorithm ("mt19937")
    • Seed: 32 or 64 bits (size of an unsigned long in bits)
    • Tick range: [0; 4294967295]
  • gmp_mt
    • mpz_urandomm(), mpf_urandomb() and gmp_randseed() functions of the GMP library
    • Uses the Mersenne Twister (default) algorithm
    • Seed: 128 bits
    • Tick range: [0; 4294967295]
  • kiss
  • havege
  • nspr
    • “NetScape Portable Runtime library”
    • PR_GetRandomNoise() function of the nspr library, get random noise from the host platform
    • The intent of PR_GetRandomNoise() is to provide a “seed” value for another random number generator that may be suitable for cryptographic operations. This implies that the random value provided may not be, by itself, cryptographically secure. The value generated by PR_GetRandomNoise() is, at best, extremely difficult to predict and is as non-deterministic as the underlying platform can provide.
    • Calls to PR_GetRandomNoise() may use a lot of CPU on some platforms. Some platforms may block for up to a few seconds while they accumulate some noise. Busy machines generate lots of noise, but care is advised when using PR_GetRandomNoise() frequently in your application.

Secure generators

A secure or “cryptographic” generator can be used to generate a password or a certificate. An attacker is not able to guess previously generated numbers, even if he knows the internal state.

  • dev_blocking
    • /dev/srandom on OpenBSD, or /dev/random on other UNIX/BSD
    • Blocks if there is no more entropy: you have to wait for the next hardware interrupt, keystroke, mouse event, etc.
  • dev_hardware
    • UNIX/BSD device /dev/random
    • Blocks if there is no more entropy: you have to wait for the next hardware interrupt, keystroke, mouse event, etc.
  • openssl_secure
    • RAND_bytes() function of the OpenSSL library
  • cryptgen
    • CryptGenRandom() function on the Windows API (advapi32.dll)
    • Windows API to generate pseudo-random numbers
    • Uses RC4 and SHA-1
    • This generator is not cryptographically secure because it uses RC4, which can be run backward once its state is known
  • gcrypt_very_strong
    • gcry_randomize(GCRY_VERY_STRONG_RANDOM) function of the gcrypt library
    • for key material
    • blocking
  • havege_crypto

Weak PRNG

  • gcrypt_nonce
    • gcry_create_nonce() function of the gcrypt library
  • gcrypt_weak
    • gcry_randomize(GCRY_WEAK_RANDOM) function of the gcrypt library

Weak PRNG of hasardweak library

Weak engines use a small internal state, a small seed and are highly predictable by an attacker. Most of them are not uniform (especially the lower bits). Don’t use them!

LCG

  • libc_rand
    • rand() function of the system's standard C library
    • Tick range: [0; RAND_MAX]
    • Seed: 31 bits
    • WARNING: This engine is not reentrant
  • libc_rand_r
    • rand_r() function of the system's standard C library
    • Tick range: [0; RAND_MAX]
    • Seed: 31 bits
  • libc_rand48
    • nrand48(), erand48() and seed48() functions of the standard C library
    • x(n+1) = (x(n) * 25214903917 + 11) % 2^48
    • tick(n) = (x(n) >> 17)
    • Tick range: [0; 2147483647]
    • Seed: 48 bits
    • WARNING: This engine is not reentrant
  • libc_rand48_r
    • nrand48_r(), erand48_r() and seed48_r() functions of the standard C library
    • x(n+1) = (x(n) * 25214903917 + 11) % 2^48
    • tick(n) = (x(n) >> 17)
    • Seed: 48 bits
    • Tick range: [0; 2147483647]
  • libc_random
    • random() function of the system's standard C library
    • Tick range: [0; RAND_MAX]
    • Seed: 32 bits
    • WARNING: This engine is not reentrant
    • See also libc_random_r_* (the reentrant version)
  • libc_random_r_8, libc_random_r_32, libc_random_r_64, libc_random_r_128, libc_random_r_256
    • random_r() function of the system's standard C library with a state of 8, 32, 64, 128 or 256 bytes
    • Tick range: [0; RAND_MAX]
    • Seed: 32 bits
    • See also libc_random (non-reentrant version)
  • zx_spectrum
    • x(n+1) = (x(n) * 75) % 65537
    • tick(n) = x(n) - 1
    • Tick range: [0; 65536]
    • Period: 65536 (2^16)
    • Seed: ~16 bits
  • randu
    • http://en.wikipedia.org/wiki/RANDU
    • x(n+1) = (x(n) * 65539) % 2147483648
    • tick(n) = x(n) - 1
    • Tick range: [0; 2147483646]
    • Minimum period: 536870912 (2^29)
    • Seed: 31 bits
    • RANDU is one of the worst PRNGs!
  • minimum_standard
    • “Minimum standard”, ANSI C, Watcom, Digital Mars, CodeWarrior, ...
    • x(n+1) = (x(n) * 1103515245 + 12345) % 2147483648
    • Period: 2147483648 (2^31)
    • Seed: 31 bits
  • park_miller
    • Park-Miller “Minimum Standard”, first proposed by Lewis, Goodman, and Miller in 1969
    • x(n+1) = (x(n) * 16807) % 2147483647
    • tick(n) = x(n) - 1
    • Tick range: [0; 2147483645]
    • Period: 2147483646 (2^31 - 1)
    • Seed: 31 bits
  • windows
    • x(n+1) = (x(n) * 214013 + 2531011) % 32768
    • tick(n) = (x(n) >> 16) & 32767
    • Tick range: [0; 32767]
    • Period: 2147483648 (2^31)
    • Seed: 32 bits
  • rand48
    • x(n+1) = (x(n) * 25214903917 + 11) % 2^48
    • tick(n) = (x(n) >> 17)
    • Tick range: [0; 2147483647]
    • Seed: 48 bits

RAND_MAX is 32767 on Windows or 2147483647 on Linux.
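
The weaknesses claimed for these engines (small state, short period, non-uniform lower bits) can be measured directly from the recurrences listed above. The C program below is an added example, not code from the Hasard library; its function names are its own. The RANDU relation it checks, x(n+2) = 6*x(n+1) - 9*x(n) mod 2^31, is a known consequence of the multiplier 65539 = 2^16 + 3 and is not stated on this page.

```c
#include <stdint.h>
#include <stdio.h>
/* Recurrences copied from the list above; function names are this example's own. */
static uint64_t zx_next(uint64_t x)     { return (x * 75) % 65537; }
static uint64_t minstd_next(uint64_t x) { return (x * 1103515245ULL + 12345) % 2147483648ULL; }
static uint64_t randu_next(uint64_t x)  { return (x * 65539) % 2147483648ULL; }

/* Steps until the zx_spectrum state returns to `seed` (seed in 1..65536). */
uint32_t zx_spectrum_period(uint64_t seed)
{
    uint64_t x = seed;
    uint32_t n = 0;
    do { x = zx_next(x); n++; } while (x != seed);
    return n;
}

/* Cycle length of the low `bits` bits (1..31) of the minimum_standard state. With a
   power-of-two modulus they never depend on the higher bits, so they cycle alone. */
uint32_t minstd_low_bits_period(uint64_t seed, unsigned bits)
{
    uint64_t mask = (1ULL << bits) - 1, x = seed;
    uint32_t n = 0;
    do { x = minstd_next(x); n++; } while ((x & mask) != (seed & mask));
    return n;
}

/* Counts RANDU triples, out of `count`, that break the linear relation
   x(n+2) = 6*x(n+1) - 9*x(n) (mod 2^31); 0 means every triple obeys it. */
uint32_t randu_relation_violations(uint64_t seed, uint32_t count)
{
    const uint64_t m = 2147483648ULL;
    uint64_t a = seed, b = randu_next(a);
    uint32_t bad = 0;
    for (uint32_t i = 0; i < count; i++) {
        uint64_t c = randu_next(b);
        if ((c + 9 * a) % m != (6 * b) % m) bad++;
        a = b; b = c;
    }
    return bad;
}

int main(void)
{
    printf("zx_spectrum period: %u\n", zx_spectrum_period(1));
    for (unsigned k = 1; k <= 16; k *= 2)
        printf("minimum_standard: low %u bits repeat every %u ticks\n", k, minstd_low_bits_period(12345, k));
    printf("randu: %u of 100000 triples break the relation\n", randu_relation_violations(1, 100000));
    return 0;
}
```

A low-bit period of 2^k means that reducing the minimum_standard state modulo 2^k yields a sequence that repeats after 2^k ticks, whatever the seed.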

Other

  • middle_square
    • Middle-square algorithm, by John von Neumann (1946), using 5 decimal digits
    • x(n+1) = (x(n) * x(n) / 100) % 10^5
    • Minimum period: 1
    • Maximum period: 41
    • Seed: ~16.6 bits

Test generators

Generators reserved for testing purposes.

  • zero
    • only generates null bits
    • Period: 1
    • no seed
  • one
    • only generates one bits
    • Period: 1
    • no seed
  • counter
    • loops over the sequence 0, 1, 2, ..., 255
    • Period: 256
    • Seed: 8 bits

zero, one and counter support get/set seed, get/set state, reseed and skip tick.