Re: $RANDOM not Cryptographically secure pseudorandom number generator
From: Ole Tange
Subject: Re: $RANDOM not Cryptographically secure pseudorandom number generator
Date: Mon, 7 Jan 2019 07:54:56 +0100
On Sat, Jan 5, 2019 at 9:14 PM Eduardo A. Bustamante López
<dualbus@gmail.com> wrote:
> On Fri, Dec 28, 2018 at 10:24:50AM +0100, Ole Tange wrote:
> (...)
> > Patch attached.
:
> I applied the Salsa20 RNG patch (slightly modified due to the recent changes in
> variables.c, attached [1]) to the tip of `devel`
> (89b3a79dd4643f210f8443856214d558572733a5) and ran a couple of tests, to answer
> the following questions:
>
> - Does the new RNG generate uniformly distributed numbers? (Yes)
> - What is the performance impact (roughly 2X slower)
> - Does it break any existing tests? (Yes, easy to fix)
>
>
> 1. RNG distribution
:
> 2. Performance impact
>
> The new RNG does more work, and thus, it is expected to have a performance
> impact when generating lots of random numbers. I tested 3 systems (2 amd64 and 1
> armhf) and include the results below.
:
> | BASH_VERSION: 4.4.23(1)-release
> | time: 3.705
:
> | BASH_VERSION: 5.0.0(1)-rc1
> | time: 8.983
That is an unfair comparison. You need to compare 5.0.0(1)-rc1+patch
with 5.0.0(1)-rc1 to see if the delay is caused by Salsa20.
My testing says the delay is _not_ caused by that.
/Ole