bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: $RANDOM not Cryptographically secure pseudorandom number generator


From: Ole Tange
Subject: Re: $RANDOM not Cryptographically secure pseudorandom number generator
Date: Mon, 7 Jan 2019 07:54:56 +0100

On Sat, Jan 5, 2019 at 9:14 PM Eduardo A. Bustamante López
<dualbus@gmail.com> wrote:>
> On Fri, Dec 28, 2018 at 10:24:50AM +0100, Ole Tange wrote:
> (...)
> > Patch attached.
:
> I applied the Salsa20 RNG patch (slightly modified due to the recent changes 
> in
> variables.c, attached [1]) to the tip of `devel`
> (89b3a79dd4643f210f8443856214d558572733a5) and ran a couple of tests, to 
> answer
> the following questions:
>
> - Does the new RNG generate uniformly distributed numbers? (Yes)
> - What is the performance impact (roughly 2X slower)
> - Does it break any existing tests? (Yes, easy to fix)
>
>
> 1. RNG distribution
:
> 2. Performance impact
>
> The new RNG does more work, and thus, it is expected to have a performance
> impact when generating lots of random numbers. I tested 3 systems (2 amd64 
> and 1
> armhf) and include the results below.
:
> | BASH_VERSION: 4.4.23(1)-release
> | time: 3.705
:
> | BASH_VERSION: 5.0.0(1)-rc1
> | time: 8.983

That is an unfair comparison. You need to compare 5.0.0(1)-rc1+patch
with 5.0.0(1)-rc1 to see if the delay is caused by Salsa20.

My testing says the delay is _not_ cause by that.


/Ole



reply via email to

[Prev in Thread] Current Thread [Next in Thread]