google / randen Goto Github PK

https://twitter.com/hashbreaker/status/1023966188949463046

From what I can understand, you used the standard 64-bit version of the Mersenne Twister. Considering that your code use specialized AES instructions, you should at least compare with the SFMT (SIMD-friendly Fast Mersenne Twister), which is almost twice as fast.

If you are not using the SSE2 version, I don't think the comparison you have currently on display is fair.

If not, why?
I'm now working on to publish my paper and this will cite your work since my homomorphic encryption library use randen as CPRNG.
https://github.com/virtualsecureplatform/TFHEpp/tree/master/thirdparties/randen
https://github.com/virtualsecureplatform/kvsp

Not an issue.

Just wanted to mention a C port of that code: https://github.com/jedisct1/randen-rng

Cheers!

We are using randen in our Homomorphic Encryption library.
https://github.com/virtualsecureplatform/TFHEpp/tree/master/thirdparties/randen

But, your LICENSE file is missing a copyright.

It may good for users to add proper information here.

./randen_benchmark
Illegal instruction (core dumped)

/opt/gcc-9.1.0/bin/g++ -c -I. -I../ -std=c++11 -Wall -O3 -fno-pic -mavx2 -maes -g3

backstack:
(gdb) bt
#0 0x000000000040162a in __fill_a<unsigned int*, unsigned int> (__value=@0xad2c60: 56, __last=0x7ffd509ee138, __first=0x7ffd509eddc0) at /opt/gcc-9.1.0/include/c++/9.1.0/bits/stl_algobase.h:1029
#1 fill<unsigned int*, unsigned int> (__value=@0xad2c60: 56, __last=0x7ffd509ee138, __first=0x7ffd509eddc0) at /opt/gcc-9.1.0/include/c++/9.1.0/bits/stl_algobase.h:749
#2 void randen::(anonymous namespace)::robust_statistics::CountingSort(unsigned int*, unsigned long) [clone .constprop.0] () at nanobenchmark.cc:430
#3 0x000000000040174e in Mode (num_values=256, values=0x7ffd509eddc0) at nanobenchmark.cc:538
#4 Mode<unsigned int, 256> (values=...) at nanobenchmark.cc:489
#5 randen::(anonymous namespace)::TimerResolution () at nanobenchmark.cc:538
#6 0x0000000000401869 in __static_initialization_and_destruction_0 (__priority=65535, __initialize_p=1) at nanobenchmark.cc:795
#7 _GLOBAL__sub_I__ZN6randen8platform14PinThreadToCPUEi () at nanobenchmark.cc:795
#8 0x000000000040beed in __libc_csu_init ()
#9 0x00007ff45a50eb95 in __libc_start_main () from /lib64/libc.so.6
#10 0x000000000040189d in _start () at /opt/gcc-9.1.0/include/c++/9.1.0/bits/stl_algobase.h:1029

My first thought was "why aren't other fast stream ciphers (e.g. Salsa) sufficient"?

Looks like the main qualitative motivation is backtracking resistance, which takes a dive into the README to understand. I think it would be nice to highlight at the top of the project to distinguish its goals!

https://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide