On Wed, May 29, 2019 at 10:13:43AM +0000, Reshetova, Elena wrote:
> On a related note: the current PRNG we have in the kernel (prandom) is based on a
> *very old* style of PRNG, which is basically 4 linear LFSRs XORed together.
> Nowadays, we have much more powerful PRNGs that show much better
> statistical and even security properties (not cryptographically secure, but still
> not so linear like the one above).
> What is the reason why we still use a PRNG that is a couple of decades away from the
> state of the art in the area? It is actively used, especially by the network stack;
> should we update it to something that is more appropriate (speed would be
> comparable)?
>
> I am mostly talking about PCG-based generators:
> http://www.pcg-random.org/
>
> If people are interested, I could put together a PoC, and we have an expert here we can
> consult for providing calculations for min-entropy, HILL entropy and whatever
> is requested.
If we get better generators with no speed loss, I can't imagine anyone objecting. :)

-- 
Kees Cook
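Editor's note, added to this thread as a worked illustration of what "linear" costs in the remark above (this is example code, not code from the thread, from lib/random32.c or from pcg-random.org). prandom_u32() is four Tausworthe LFSRs XORed together, using L'Ecuyer's LFSR113 taps; every operation in the update (mask, shift, XOR) is linear over GF(2), so an observer who sees output bits can write the 128-bit state as the solution of a linear system and solve it by Gauss-Jordan elimination. The code below does that from only the low bit of 128 consecutive outputs and then predicts the full next 32-bit word. The function names (taus_next, build, solve, predict_next, demo) and the seed values are assumptions made for the example; the taps are the LFSR113 constants as used by the kernel's prandom.

```c
#include <stdint.h>
#include <string.h>

/* Added example, not kernel code: prandom_u32() is four Tausworthe LFSRs XORed
 * together (LFSR113 taps as in lib/random32.c).  Every step is GF(2)-linear, so
 * the state is the solution of a linear system; 128 leaked LOW bits suffice. */
#define NBITS 128	/* state bits: 4 words x 32 (only 113 are effective) */
#define NOBS  128	/* leaked low bits, one per output */
struct taus_state { uint32_t s[4]; };

#define TAUSWORTHE(s, a, b, c, d) \
	((((s) & (c)) << (d)) ^ ((((s) << (a)) ^ (s)) >> (b)))

static uint32_t taus_next(struct taus_state *st)
{
	st->s[0] = TAUSWORTHE(st->s[0],  6U, 13U, 4294967294U, 18U);
	st->s[1] = TAUSWORTHE(st->s[1],  2U, 27U, 4294967288U,  2U);
	st->s[2] = TAUSWORTHE(st->s[2], 13U, 21U, 4294967280U,  7U);
	st->s[3] = TAUSWORTHE(st->s[3],  3U, 12U, 4294967168U, 13U);
	return st->s[0] ^ st->s[1] ^ st->s[2] ^ st->s[3];
}

/* One GF(2) equation: 128 coefficient bits plus the observed bit. */
struct row { uint64_t c[2]; unsigned rhs; };
#define ROWBIT(r, col) (((r)->c[(col) >> 6] >> ((col) & 63)) & 1)

/* Equation n: "low bit of output n = XOR of these state bits".  Linearity means
 * running the generator from each unit vector e_i yields column i directly. */
static void build(struct row rows[NOBS], const uint8_t lowbit[NOBS])
{
	memset(rows, 0, sizeof(struct row) * NOBS);
	for (int i = 0; i < NBITS; i++) {
		struct taus_state st = { { 0, 0, 0, 0 } };
		st.s[i >> 5] = (uint32_t)1 << (i & 31);
		for (int n = 0; n < NOBS; n++)
			if (taus_next(&st) & 1)
				rows[n].c[i >> 6] |= (uint64_t)1 << (i & 63);
	}
	for (int n = 0; n < NOBS; n++)
		rows[n].rhs = lowbit[n] & 1;
}

/* Gauss-Jordan over GF(2).  The 1+3+4+7 = 15 bits the component masks discard
 * never reach the output, so the rank is 113, not 128; free columns are set to
 * 0, which still reproduces every future output.  Returns rank, or -1 if the
 * bits cannot have come from this generator (a non-linear source, for example). */
static int solve(struct row rows[NOBS], struct taus_state *out)
{
	int pivot_col[NBITS], rank = 0;
	for (int col = 0; col < NBITS && rank < NOBS; col++) {
		int p = rank;
		while (p < NOBS && !ROWBIT(&rows[p], col))
			p++;
		if (p == NOBS)
			continue;		/* no pivot: free (dead) state bit */
		struct row t = rows[p]; rows[p] = rows[rank]; rows[rank] = t;
		for (int r = 0; r < NOBS; r++) {
			if (r == rank || !ROWBIT(&rows[r], col))
				continue;
			rows[r].c[0] ^= rows[rank].c[0];
			rows[r].c[1] ^= rows[rank].c[1];
			rows[r].rhs ^= rows[rank].rhs;
		}
		pivot_col[rank++] = col;
	}
	for (int r = rank; r < NOBS; r++)
		if (rows[r].rhs)		/* 0 = 1: inconsistent system */
			return -1;
	memset(out, 0, sizeof(*out));
	for (int r = 0; r < rank; r++)
		if (rows[r].rhs)
			out->s[pivot_col[r] >> 5] |= (uint32_t)1 << (pivot_col[r] & 31);
	return rank;
}

/* Recover a state from NOBS leaked low bits and predict the next full word. */
int predict_next(const uint8_t lowbit[NOBS], uint32_t *next)
{
	struct row rows[NOBS];
	struct taus_state st;
	build(rows, lowbit);
	int rank = solve(rows, &st);
	if (rank < 0)
		return -1;
	for (int n = 0; n < NOBS; n++)	/* advance past the leaked outputs */
		taus_next(&st);
	*next = taus_next(&st);
	return rank;
}

/* Seed a victim with constructed values (prandom needs s1 > 1, s2 > 7, s3 > 15,
 * s4 > 127), leak NOBS low bits, predict the following word.  Returns the rank
 * (113) on a correct prediction, 0 on a wrong one, -1 if unsolvable. */
int demo(uint32_t s1, uint32_t s2, uint32_t s3, uint32_t s4)
{
	struct taus_state victim = { { s1, s2, s3, s4 } };
	uint8_t leaked[NOBS];
	uint32_t predicted, actual;
	for (int n = 0; n < NOBS; n++)
		leaked[n] = taus_next(&victim) & 1;
	actual = taus_next(&victim);
	int rank = predict_next(leaked, &predicted);
	return rank < 0 ? -1 : predicted == actual ? rank : 0;
}
```

Calling demo() with any valid seed returns 113 (the rank of the system, matching the 31+29+28+25 effective state bits) and the predicted word equals the generator's real next output, even though the solver only ever saw one bit per output. The 15 free columns are exactly the low bits each component's mask discards, which is why any solution works. Nothing of this kind carries over directly to PCG: its 64-bit multiply-add state update and data-dependent rotation are not GF(2)-linear, so there is no such system to solve, which is the "not so linear" point made above; as the thread itself notes, that still does not make PCG cryptographically secure.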