ARS5
This is a keyed family of counter-based BRNGs. The state consists of a 128-bit integer counter $c$ and a 128-bit key $k$. The BRNG is based on the AES encryption algorithm [FIPS-197]. The 32-bit output is obtained in the following way [Salmon2011]:
- The $i$-th number is defined by the following formula: $r_i = (f(i/4) \gg ((i \bmod 4) \cdot 32)) \bmod 2^{32}$
- Function $f(c)$ takes 128-bit input and produces 128-bit result obtained in the following way:
  - Put $c_0 = c \oplus k$ and $k_0 = k$.
  - The following recurrence is calculated $N$ times:
    - $c_{i+1} = \mathrm{SubBytes}(c)$
    - $c_{i+1} = \mathrm{ShiftRows}(c_{i+1})$
    - $c_{i+1} = \mathrm{MixColumns}(c_{i+1})$, this step is omitted if $i + 1 = N$
    - $c_{i+1} = \mathrm{AddRoundKey}(c_{i+1}, k_j)$
    - $\mathrm{Lo}(k_{i+1}) = \mathrm{Lo}(k) + \mathrm{0x9E3779B97F4A7C15}$
    - $\mathrm{Hi}(k_{i+1}) = \mathrm{Hi}(k) + \mathrm{0xBB67AE8584CAA73B}$
  - Put $f(c) = c_N$, where $N = 5$
- Real output: $u_n = (\mathrm{int})\, r_n / 2^{32} + \tfrac{1}{2}$
Specification for the SubBytes, ShiftRows, MixColumns and AddRoundKey functions can be found in [FIPS-197].
Real Implementation (Single and Double Precision)
The output vector is the sequence of the floating-point values $u_0, u_1, \ldots$
Integer Implementation
The output vector of 32-bit integers $r_0, r_1, \ldots$
Stream Initialization by Function vslNewStream
ARS5 generates the stream and initializes it specifying the 32-bit input integer parameter seed. The stream state is two 128-bit numbers $c$ and $k$ initialized in the following way:
- Assume $k = \mathrm{seed}$.
- Assume $c = 0$.
Stream Initialization by Function vslNewStreamEx
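ARS5 generates the stream and initializes it specifying the array params[] of $n$ 32-bit integers:
- If $n = 0$, assume $c = k = 0$.
- If $n = 1$, assume $k = \mathrm{params}[0]$, $c = 0$.
- If $n = 2$, assume $k = \mathrm{params}[0] + \mathrm{params}[1] \cdot 2^{32}$, $c = 0$.
- If $n = 3$, assume $k = \mathrm{params}[0] + \mathrm{params}[1] \cdot 2^{32} + \mathrm{params}[2] \cdot 2^{64}$, $c = 0$.
- If $n = 4$, assume $k = \mathrm{params}[0] + \mathrm{params}[1] \cdot 2^{32} + \mathrm{params}[2] \cdot 2^{64} + \mathrm{params}[3] \cdot 2^{96}$, $c = 0$.
- If $n = 5$, assume $k = \mathrm{params}[0] + \mathrm{params}[1] \cdot 2^{32} + \mathrm{params}[2] \cdot 2^{64} + \mathrm{params}[3] \cdot 2^{96}$, $c = \mathrm{params}[4]$.
- If $n = 6$, assume $k = \mathrm{params}[0] + \mathrm{params}[1] \cdot 2^{32} + \mathrm{params}[2] \cdot 2^{64} + \mathrm{params}[3] \cdot 2^{96}$, $c = \mathrm{params}[4] + \mathrm{params}[5] \cdot 2^{32}$.
- If $n = 7$, assume $k = \mathrm{params}[0] + \mathrm{params}[1] \cdot 2^{32} + \mathrm{params}[2] \cdot 2^{64} + \mathrm{params}[3] \cdot 2^{96}$, $c = \mathrm{params}[4] + \mathrm{params}[5] \cdot 2^{32} + \mathrm{params}[6] \cdot 2^{64}$.
- If $n \ge 8$, assume $k = \mathrm{params}[0] + \mathrm{params}[1] \cdot 2^{32} + \mathrm{params}[2] \cdot 2^{64} + \mathrm{params}[3] \cdot 2^{96}$, $c = \mathrm{params}[4] + \mathrm{params}[5] \cdot 2^{32} + \mathrm{params}[6] \cdot 2^{64} + \mathrm{params}[7] \cdot 2^{96}$.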
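The two initialization rules above, together with the round-key additions and the selection of the 32-bit word $r_i$ from a 128-bit block, written out in C as an added example (not code from the library or from this page). The names `u128`, `ars5_state`, `ars5_init`, `ars5_init_ex`, `ars5_round_key` and `ars5_word` are hypothetical, and the round-key function assumes the two 64-bit additions accumulate once per round and wrap modulo $2^{64}$; the AES round functions from [FIPS-197] are taken as given.

```c
#include <stddef.h>
#include <stdint.h>

/* 128-bit value as two 64-bit halves, matching Lo() and Hi() in the text. */
typedef struct { uint64_t lo, hi; } u128;

/* Stream state: key k and counter c (hypothetical type name). */
typedef struct { u128 k, c; } ars5_state;

/* params[i] when it was supplied, otherwise 0, as in the n = 0..7 cases. */
static uint64_t word(const uint32_t *params, size_t n, size_t i)
{
    return i < n ? params[i] : 0;
}

/* vslNewStreamEx rule: params[0..3] form k, params[4..7] form c,
 * least significant word first; words past index 7 are ignored. */
ars5_state ars5_init_ex(const uint32_t *params, size_t n)
{
    ars5_state s;
    s.k.lo = word(params, n, 0) | (word(params, n, 1) << 32);
    s.k.hi = word(params, n, 2) | (word(params, n, 3) << 32);
    s.c.lo = word(params, n, 4) | (word(params, n, 5) << 32);
    s.c.hi = word(params, n, 6) | (word(params, n, 7) << 32);
    return s;
}

/* vslNewStream rule: k = seed, c = 0, so only the low 32 key bits vary. */
ars5_state ars5_init(uint32_t seed)
{
    return ars5_init_ex(&seed, 1);
}

/* Round key k_j derived from k_0 = k. Assumption: the constants are added
 * once per round to each half, with unsigned wraparound modulo 2^64. */
u128 ars5_round_key(u128 k, unsigned j)
{
    u128 r = { k.lo + j * 0x9E3779B97F4A7C15ULL,
               k.hi + j * 0xBB67AE8584CAA73BULL };
    return r;
}

/* r_i = (block >> ((i mod 4) * 32)) mod 2^32, where block = f(i/4). */
uint32_t ars5_word(u128 block, uint64_t i)
{
    uint64_t half = (i % 4) < 2 ? block.lo : block.hi;
    return (uint32_t)(half >> ((i % 2) * 32));
}
```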
Subsequences Selection Methods
vslSkipAheadStream | Supported |
vslSkipAheadStreamEx | Supported |
vslLeapfrogStream | Not supported |
Generator Period

Empirical Testing Results Summary
Test Name | vsRngUniform | vdRngUniform | viRngUniform | viRngUniformBits |
---|---|---|---|---|
3D Spheres Test | OK (20% errors) | OK (20% errors) | Not applicable | OK (20% errors) |
Birthday Spacing Test | Not applicable | Not applicable | Not applicable | OK (0% errors) |
Bitstream Test | Not applicable | Not applicable | Not applicable | OK (15% errors) |
Rank of 31x31 Binary Matrices Test | Not applicable | Not applicable | Not applicable | OK (0% errors) |
Rank of 32x32 Binary Matrices Test | Not applicable | Not applicable | Not applicable | OK (0% errors) |
Rank of 6x8 Binary Matrices Test | Not applicable | Not applicable | Not applicable | OK (0% errors) |
Counts-the-1’s Test (stream of bits) | Not applicable | Not applicable | Not applicable | OK (0% errors) |
Counts-the-1’s Test (stream of specific bytes) | Not applicable | Not applicable | Not applicable | OK (0% errors) |
Craps Test | OK (30% errors) | OK (30% errors) | OK (30% errors) | OK (30% errors) |
Parking Lot Test | OK (10% errors) | OK (10% errors) | Not applicable | OK (10% errors) |
2D Self-Avoiding Random Walk Test | OK (20% errors) | OK (10% errors) | Not applicable | OK (10% errors) |
- The tabulated data is obtained using the one-level (threshold) testing technique. The OK result indicates FAIL < 50%. The run fails when the p-value falls outside the interval [0.05, 0.95].
- The stream tested is generated by calling the function vslNewStream with seed=7,777,777.