Re: [PATCH,RFC] random: make fast_mix() honor its name

Sun, 22 Sep 2013 14:02:41 -0700 

Hi Theodore,

Theodore Ts'o wrote, on 09/22/2013 05:05:
> The following fast_mix function, with the loop unrolling, is about 70%
> slower than your proposed version, but it's still four times faster
> than the original byte-based fast_mix function.  This is what I'm
> considering using as a compromise.
> 
> Any comments or objections?
> 
>                                       - Ted
> 
> static void fast_mix(struct fast_pool *f, __u32 input[4])
> {
>       __u32           w;
>       int i;
>       unsigned        input_rotate = f->rotate;
> 
> #if 0
>       for (i = 0; i < 4; i++) {
>               w = rol32(input[i], input_rotate) ^ f->pool[i] ^
>                       f->pool[(i + 3) & 3];
>               f->pool[i] = (w >> 3) ^ twist_table[w & 7];
>               input_rotate = (input_rotate + (i ? 7 : 14)) & 31;
>       }
> #else   /* loop unrolled for speed */
>       w = rol32(input[0], input_rotate) ^ f->pool[0] ^ f->pool[3];
>       f->pool[0] = (w >> 3) ^ twist_table[w & 7];
>       input_rotate = (input_rotate + 14) & 31;
>       w = rol32(input[1], input_rotate) ^ f->pool[1] ^ f->pool[0];
>       f->pool[1] = (w >> 3) ^ twist_table[w & 7];
>       input_rotate = (input_rotate + 7) & 31;
>       w = rol32(input[2], input_rotate) ^ f->pool[2] ^ f->pool[1];
>       f->pool[2] = (w >> 3) ^ twist_table[w & 7];
>       input_rotate = (input_rotate + 7) & 31;
>       w = rol32(input[3], input_rotate) ^ f->pool[3] ^ f->pool[2];
>       f->pool[3] = (w >> 3) ^ twist_table[w & 7];
>       input_rotate = (input_rotate + 7) & 31;
> #endif
>       f->count += 16;
>       f->rotate = input_rotate;
> }
> 

just out of interest I would like to ask why this mixing function has to be that
complicated. For example, even if the input is always 0 and the pool is seeded
with pool[0] = 1 (as in your test program) this algorithm generates some
(predictable) pseudo-random numbers in the pool. Is this necessary?

To just mix in some random input filling the whole pool (seeded again with
pool[0] = 1) something as "simple" as

          f->pool[0] = rol32(input[0], f->pool[2] & 31) ^ f->pool[1];
          f->pool[1] = rol32(input[1], f->pool[3] & 31) ^ f->pool[2];
          f->pool[2] = rol32(input[2], f->pool[0] & 31) ^ f->pool[3];
          f->pool[3] = rol32(input[3], f->pool[1] & 31) ^ f->pool[0];

would suffice, although I didn't do any statistical tests.

Best regards,
Jörg-Volker.
-- 


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to