Wednesday, February 27, 2013

PRNG Comparisons

Comparison of various PRNGs

Overview

Implementations of a few psuedo-random number generators, and a comparison of their statistical properties.

PRNGs Tested

  • Clock Drift -- A small program to measure the number of CPU cycles between the thread quantums (How till the operating system gets back to that thread)
  • AES Encryption -- Chris's AES encryption based PRNG
  • Atmospheric Data -- Collected from the webservice at random.org
  • /dev/random -- Entropy from user input (ie. Keyboard or mouse) ran through SHA1
  • /dev/urandom -- Same as /dev/random but reuses the entropy pool to prevent blocking
  • XORed Data -- All of the above data (Excluding urandom) XORed together

Methodology

Each method was run 20 times generating 1kB files. These files were ran through using the ent program and the results averaged. Lower values equate to 'better' random data.

Results


Source Code

 https://github.com/plurSKI/prngComparison

Conclusion

All the methods had decent distribution, and XORing them together obviously doesn't change that (Just makes it harder to reverse engineer the numbers). I was surprised by the decency of the clock drift data, especially considering how fast it is, although the high serial correlation is irksome. I actually use the included randomScript to generate random passwords for volatile partitions (such as /tmp/ and swap).

No comments: