
PCG, A Family of Better Random Number Generators - aburan28
http://pcg-random.org/
======
ufo
There is a seminar about PCG from its author available on youtube.

[https://www.youtube.com/watch?v=45Oet5qjlms](https://www.youtube.com/watch?v=45Oet5qjlms)

Its a bit long but I highly recommend it. I learned a lot about RNGs from it.

~~~
vtsrh
Speaker mentions[0] that it is possible to get a different statistically
random value every time you run the program, without _any_ input to the
program, apparently by using some tricks, but she refuses to elaborate for the
camera. Can anyone explain how that works?

Has this something to do with address space randomization?

[0]:[https://youtu.be/45Oet5qjlms?t=1h3m3s](https://youtu.be/45Oet5qjlms?t=1h3m3s)

~~~
echaozh
> (This last one relies on the operating system placing myRNG at a different
> address every time the program is run. It's not as strong as the other
> techniques.)

from: [http://www.pcg-random.org/useful-features.html#id2](http://www.pcg-
random.org/useful-features.html#id2)

~~~
justincormack
Linux gives each process a 32 bit random seed, which is probably more useful
(as is making a syscall). On an embedded system the address seed may well be
useless anyway.

------
dchest
Experimental Go implementation by Rob Pike, as a replacement for math/rand:
[https://go-review.googlesource.com/#/c/10161/](https://go-
review.googlesource.com/#/c/10161/)

------
panax
This is fine for quickly generating random numbers for simulations, just don't
use it for cryptographic applications. If you want random numbers for crypto
use a CSPRNG.

~~~
danieltillett
For non-crypto applications it is really good. Very fast and simple.

------
jey
Sounds awesome, if it lives up to its claims. Have the domain experts weighed
in on this yet?

~~~
carterehsmith
The latest word is,

"This paper is currently submitted to ACM Transactions on Mathematical
Software, where it is currently under review. "

------
vtsrh
This is great, but everything so far is overly positive. Can we get some
negative criticism as well. Anyone qualified?

~~~
dhekir
I must have done something wrong, but I tried the basic C implementation
([https://github.com/imneme/pcg-c-basic](https://github.com/imneme/pcg-c-
basic)) on a quick Diehard-like test and it failed. I'm still trying to
understand why. Probably not its fault, just that the code is not as forgiving
and ready-to-consume as I had expected.

~~~
vtsrh
It passed for me. Where did you get the diehard test? If you compiled it
directly from
[http://www.stat.fsu.edu/pub/diehard/](http://www.stat.fsu.edu/pub/diehard/)
then it is because that source is broken.

~~~
panax
Try using Dieharder. It incorporates most of the Diehard tests, as well as
other tests and is much more rigorous.

sudo apt-get install dieharder

[http://www.phy.duke.edu/~rgb/General/dieharder.php](http://www.phy.duke.edu/~rgb/General/dieharder.php)

If you make a GSL interface for the RNG it will make using dieharder much
easier

~~~
vtsrh
How do you build dieharder on windows? I guess you just don't...

------
trebor
I'm impressed by how fast this algorithm is. I wrote a toy implementation in
Go, and it was only ~50ns/op to generate random numbers. And it's very even in
distribution, but I'd have to rerun my tests to find the percentage again.

~~~
dminor
Same here - first thing I wrote in go, just to play with the language:
[https://github.com/davidminor/gorand](https://github.com/davidminor/gorand)

------
danieltillett
Wow talk about a coincidence - I just implemented this algorithm today as the
RNG for some bootstrapped statistic code. One thing I can say is it very fast,
but the code for seeding is not great on any platform without /dev/random.

~~~
LoSboccacc
I implemented the mersenne twister to generate 2d planets in a galaxy of a
game I am working on a while ago.. I didn't know about this pcg and it's an
interesting read!

I had been limited in selection on the random number generator reproducibility
(so that each planet is only stored as the seed for the generator)

I'll have a try later on, it'd be interesting how a sampling of planets turn
out from both rngs, if they are visually different - the rng is used both for
features and for the perlin noise that generates cloud&land textures, so any
artifact should come up easy in the textures

~~~
danieltillett
Give it a try - I just used the minimum C code function and implemented my own
seeding function.

------
Amiga64
Interesting. I don't think people realize just how slow rand() can be if it is
called frequently in your c/c++ program. Marsaglia's xorshf is the fastest
algorithm that I know of that also give a ok statistical quality.

------
joseraul
Looks like a very good and fast PRNG. How could it possibly achieve higher
statistical quality than a secure PRNG? I guess that depends on how you define
quality.

~~~
explorigin
It does not claim to be security quality.

------
mturmon
Seems perfectly reasonable and worth knowing about. Thanks for submitting.

------
kabouseng
Shouldn't the title read: ....better psuedo-random ...

------
daurnimator
Unless it's secure, I see no motivation to use it.

In their table, they acknowledge that Arc4Random and ChaCha20 as secure. The
only negatives against ChaCha20 is that it's not 'fast enough' and
k-Dimensional Equidistribution. In my experience it's never showed up in my
profiling, so I feel it's fast enough; and I'm not sure why I want
k-Dimensional Equidistribution.

So... I'll keeping using ChaCha20 when I need to (it's part of nacl/libsodium
if you don't know where to get it from).

~~~
bradleyjg
Just as you wouldn't want to use a general purpose PRNG for security
applications so too you wouldn't want to use a secure PRNG for general
purposes, particularly demanding applications such as Monte Carlo simulations.

Your dismissal strikes me as both ignorant and rude.

~~~
daurnimator
> Just as you wouldn't want to use a general purpose PRNG for security
> applications so too you wouldn't want to use a secure PRNG for general
> purposes, particularly demanding applications such as Monte Carlo
> simulations.

Why not? It's perfectly valid to use a secure RNG for non-secure purposes.

As I mentioned, I've used ChaCha20 for those sort of purposes too. And the
random number generation barely shows up as a fraction of the runtime.

i.e. improving 1% of the runtime by 99% isn't worth the overhead of having
more than one random number generator.

~~~
danieltillett
The reason why is crypto RNG are much slower than something less secure. It
really depends on the application, but in the code I wrote today a significant
fraction of my application’s time was spent in the RNG function. By replacing
the RNG I managed to speed up my code by a bit over 2 fold. I am not doing
crypto work so this is great.

~~~
daurnimator
ChaCha is fast. very fast. see just below:
[https://news.ycombinator.com/item?id=9890599](https://news.ycombinator.com/item?id=9890599)
I'm not sure why they marked it as "fairly slow" in the table in the OP.

~~~
danieltillett
Fast and slow are all relative - ChaCha is relatively fast but PGC is faster.

