diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2014-03-15 09:25:46 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2014-03-15 09:25:46 +0100 |
| commit | ac03a40cbac4545909b6529d358c253f8a6d3b45 (patch) | |
| tree | 9b4bc1c4bff113fcdaf9a3dc794e9bd9498ba6cd /shell | |
| parent | 2bba591991f5ac9b97582e37375dd49492c63df0 (diff) | |
| download | busybox-w32-ac03a40cbac4545909b6529d358c253f8a6d3b45.tar.gz busybox-w32-ac03a40cbac4545909b6529d358c253f8a6d3b45.tar.bz2 busybox-w32-ac03a40cbac4545909b6529d358c253f8a6d3b45.zip | |
ash,hush: fix a thinko about 2^64-1 factorization
function old new delta
next_random 113 119 +6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'shell')
| -rw-r--r-- | shell/random.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/shell/random.c b/shell/random.c index fc2dfc26d..5d3620516 100644 --- a/shell/random.c +++ b/shell/random.c | |||
| @@ -80,7 +80,6 @@ next_random(random_t *rnd) | |||
| 80 | rnd->galois_LFSR = t; | 80 | rnd->galois_LFSR = t; |
| 81 | 81 | ||
| 82 | /* http://en.wikipedia.org/wiki/Xorshift | 82 | /* http://en.wikipedia.org/wiki/Xorshift |
| 83 | * Period 2^64-1 = 3 * 715827883 * 2147483647 | ||
| 84 | * Moderately good statistical properties: | 83 | * Moderately good statistical properties: |
| 85 | * fails the following "dieharder -g 200 -a" tests: | 84 | * fails the following "dieharder -g 200 -a" tests: |
| 86 | * diehard_operm5| 0 | 85 | * diehard_operm5| 0 |
| @@ -102,11 +101,19 @@ next_random(random_t *rnd) | |||
| 102 | * dab_filltree| 32 | 101 | * dab_filltree| 32 |
| 103 | * dab_monobit2| 12 | 102 | * dab_monobit2| 12 |
| 104 | */ | 103 | */ |
| 104 | again: | ||
| 105 | t = rnd->xs64_x ^ (rnd->xs64_x << a); | 105 | t = rnd->xs64_x ^ (rnd->xs64_x << a); |
| 106 | rnd->xs64_x = rnd->xs64_y; | 106 | rnd->xs64_x = rnd->xs64_y; |
| 107 | rnd->xs64_y = rnd->xs64_y ^ (rnd->xs64_y >> c) ^ t ^ (t >> b); | 107 | rnd->xs64_y = rnd->xs64_y ^ (rnd->xs64_y >> c) ^ t ^ (t >> b); |
| 108 | /* | ||
| 109 | * Period 2^64-1 = 2^32+1 * 2^32-1 has a common divisor with Galois LFSR. | ||
| 110 | * By skipping two possible states (0x1 and 0x2) we reduce period to | ||
| 111 | * 2^64-3 = 13 * 3889 * 364870227143809 which has no common divisors: | ||
| 112 | */ | ||
| 113 | if (rnd->xs64_y == 0 && rnd->xs64_x <= 2) | ||
| 114 | goto again; | ||
| 108 | 115 | ||
| 109 | /* Combined LCG + Galois LFSR have 2^32 * 2^32-1 period. | 116 | /* Combined LCG + Galois LFSR rng has 2^32 * 2^32-1 period. |
| 110 | * Strength: | 117 | * Strength: |
| 111 | * individually, both are extremely weak cryptographycally; | 118 | * individually, both are extremely weak cryptographycally; |
| 112 | * when combined, they fail the following "dieharder -g 200 -a" tests: | 119 | * when combined, they fail the following "dieharder -g 200 -a" tests: |
| @@ -118,9 +125,8 @@ next_random(random_t *rnd) | |||
| 118 | * dab_monobit2| 12 | 125 | * dab_monobit2| 12 |
| 119 | * | 126 | * |
| 120 | * Combining them with xorshift-64 increases period to | 127 | * Combining them with xorshift-64 increases period to |
| 121 | * 2^32 * 2^32-1 * 2^64-1 / 3 | 128 | * 2^32 * 2^32-1 * 2^64-3 |
| 122 | * (2^32-1 and 2^64-1 have one common divisor 3, hence "/ 3" part), | 129 | * which is about 2^128, or in base 10 ~3.40*10^38. |
| 123 | * which is about 2^128 / 3, or in base 10 ~1.13*10^38. | ||
| 124 | * Strength of the combination: | 130 | * Strength of the combination: |
| 125 | * passes all "dieharder -g 200 -a" tests. | 131 | * passes all "dieharder -g 200 -a" tests. |
| 126 | * | 132 | * |