Random number generation

Torbjorn Granlund tege at swox.com
Thu Nov 3 17:18:43 CET 2005

Décio Luiz Gazzoni Filho <decio at decpp.net> writes:

  Really? I never noticed that -- to me this just counted the
  number of  cycles since the machine booted. You're talking about
  e.g. the RDTSC  instruction in IA-32, right?

My experience is that it varies with operating system, and
processor architecture.

(We use these features in gmp/tune/*.asm for many processor
architectures, if somebody cares to take a look.)

  > The current time is a better entropy source, except that it is
  > not useful for cryptographic purposes.

  Typically I'd use something like the time with microsecond
  granularity and the cycle counter. A bit more entropy than just
  the  time.

One need to consider the intended use.  For the automated nightly
GMP builds, we seed using time + pid.  All test machines start
with cron at the same wall time, so adding pid makes it less
likely that two machines will use the same seed.

But if one intends to start a program very often, seeding that
way is not very clever.

I common mistake people do is to seed every time they need a
random number.  That lowers the randomness of the sequence, and
can waste many, many cycles.

And as have been said before, gathering entropy for cryptographic
purposes is an entirely different subject...


More information about the gmp-discuss mailing list