\author{Jacques M. Bahi, Rapha\"{e}l Couturier, Christophe
-Guyeux, and Pierre-Cyrille Heam\thanks{Authors in alphabetic order}}
+Guyeux, and Pierre-Cyrille Héam\thanks{Authors in alphabetic order}}
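Review bot: the `+` line introduces a raw `é` in `Héam` while the same line still escapes `Rapha\"{e}l` with TeX accent commands; either write `H\'{e}am` for consistency with the rest of the author block, or make sure the preamble loads `\usepackage[utf8]{inputenc}` (or the paper is compiled with a UTF-8-aware engine), otherwise the `\author` line fails to compile.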
In this paper we present a new pseudorandom number generator (PRNG) on
graphics processing units (GPU). This PRNG is based on the so-called chaotic iterations. It
Let $\delta $ be the \emph{discrete Boolean metric}, $\delta
(x,y)=0\Leftrightarrow x=y.$ Given a function $f$, define the function:
+%%RAPH : ici j'ai coupé la dernière ligne en 2, c'est moche mais bon
F_{f}: & \llbracket1;\mathsf{N}\rrbracket\times \mathds{B}^{\mathsf{N}} &
\longrightarrow & \mathds{B}^{\mathsf{N}} \\
-& (k,E) & \longmapsto & \left( E_{j}.\delta (k,j)+f(E)_{k}.\overline{\delta
+& (k,E) & \longmapsto & \left( E_{j}.\delta (k,j)+ \right.\\
+& & & \left. f(E)_{k}.\overline{\delta
(k,j)}\right) _{j\in \llbracket1;\mathsf{N}\rrbracket},%
possesses various chaos properties that none of the generators used as input
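Review bot: the `+%%RAPH : ici j'ai coupé la dernière ligne en 2, c'est moche mais bon` line is a leftover French working note and should be dropped before merge (or replaced by a short English comment such as `% split over two rows to fit the column`). The split itself is sound: `\left( E_{j}.\delta (k,j)+ \right.\\` closes with `\right.` and the continuation row opens with `\left.`, so each row is balanced on its own; just keep both rows inside the same `array`, since `\left.`/`\right.` do not pair across environments.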
\KwIn{a function $f$, an iteration number $b$, an initial configuration $x^0$
($n$ bits)}
\KwOut{a configuration $x$ ($n$ bits)}
return $x$\;
\caption{PRNG with chaotic functions}
\label{CI Algorithm}
\KwIn{the internal configuration $z$ (a 32-bit word)}
\KwOut{$y$ (a 32-bit word)}
return $y$\;
\caption{An arbitrary round of \textit{XORshift} algorithm}
where $\mathcal{P}\left(X\right)$ is for the powerset of the set $X$, that is, $Y \in \mathcal{P}\left(X\right) \Longleftrightarrow Y \subset X$.
Given a function $f:\mathds{B}^\mathsf{N} \longrightarrow \mathds{B}^\mathsf{N} $, define the function:
+%%RAPH : j'ai coupé la dernière ligne en 2, c'est moche
F_{f}: & \mathcal{P}\left(\llbracket1;\mathsf{N}\rrbracket \right) \times \mathds{B}^{\mathsf{N}} &
\longrightarrow & \mathds{B}^{\mathsf{N}} \\
-& (P,E) & \longmapsto & \left( E_{j}.\chi (j,P)+f(E)_{j}.\overline{\chi
-(j,P)}\right) _{j\in \llbracket1;\mathsf{N}\rrbracket},%
+& (P,E) & \longmapsto & \left( E_{j}.\chi (j,P)+\right.\\
+& & &\left.f(E)_{j}.\overline{\chi(j,P)}\right) _{j\in \llbracket1;\mathsf{N}\rrbracket},%
where + and . are the Boolean addition and product operations, and $\overline{x}$
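Review bot: same leftover `%%RAPH : j'ai coupé la dernière ligne en 2, c'est moche` note as in the first `F_f` definition; remove it. The continuation row `& & &\left.f(E)_{j}.\overline{\chi(j,P)}\right) _{j\in ...}` starts flush in the last column, so the second half of the sum lines up under the `\longmapsto` arrow rather than under the term it continues; a `\phantom{E_{j}.\chi (j,P)+}` or `\qquad` at the start of that row keeps the two halves readable as one expression. It would also be tidier to break the two `F_f` definitions at the same place, since the first hunk breaks after `+` with a space and this one without.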
\noindent and the map defined on $\mathcal{X}$:
-G_f\left(S,E\right) = \left(\sigma(S), F_f(i(S),E)\right), \label{Gf}
+G_f\left(S,E\right) = \left(\sigma(S), F_f(i(S),E)\right), %\label{Gf} %%RAPH, j'ai viré ce label qui existe déjà avant...
\noindent where $\sigma$ is the \emph{shift} function defined by $\sigma
(S^{n})_{n\in \mathds{N}}\in \mathcal{P}\left(\llbracket 1 ; \mathsf{N} \rrbracket\right)^\mathds{N}\longrightarrow (S^{n+1})_{n\in
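Review bot: commenting out `\label{Gf}` leaves dead markup plus another French note on the `G_f` line; delete the label outright rather than keeping `%\label{Gf} %%RAPH, j'ai viré ce label qui existe déjà avant...`. Before merging, confirm that every `\ref{Gf}` or `\eqref{Gf}` in the paper is meant to point at the earlier occurrence of the label, because they now silently resolve there instead of to this display.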
\label{nouveau d}
-\noindent where
-\displaystyle{d_{e}(E,\check{E})} & = & \displaystyle{\sum_{k=1}^{\mathsf{N}%
-}\delta (E_{k},\check{E}_{k})}\textrm{ is once more the Hamming distance}, \\
-\displaystyle{d_{s}(S,\check{S})} & = & \displaystyle{\dfrac{9}{\mathsf{N}}%
-\sum_{k=1}^{\infty }\dfrac{|S^k\Delta {S}^k|}{10^{k}}}.%
+\noindent where $ \displaystyle{d_{e}(E,\check{E})} = \displaystyle{\sum_{k=1}^{\mathsf{N}%
+ }\delta (E_{k},\check{E}_{k})}$ is once more the Hamming distance, and
+$ \displaystyle{d_{s}(S,\check{S})} = \displaystyle{\dfrac{9}{\mathsf{N}}%
+ \sum_{k=1}^{\infty }\dfrac{|S^k\Delta {S}^k|}{10^{k}}}$,
+%%RAPH : ici, j'ai supprimé tous les sauts à la ligne
+%% \begin{equation}
+%% \left\{
+%% \begin{array}{lll}
+%% \displaystyle{d_{e}(E,\check{E})} & = & \displaystyle{\sum_{k=1}^{\mathsf{N}%
+%% }\delta (E_{k},\check{E}_{k})} \textrm{ is once more the Hamming distance}, \\
+%% \displaystyle{d_{s}(S,\check{S})} & = & \displaystyle{\dfrac{9}{\mathsf{N}}%
+%% \sum_{k=1}^{\infty }\dfrac{|S^k\Delta {S}^k|}{10^{k}}}.%
+%% \end{array}%
+%% \right.
+%% \end{equation}
where $|X|$ is the cardinality of a set $X$ and $A\Delta B$ is for the symmetric difference, defined for sets A, B as
$A\,\Delta\,B = (A \setminus B) \cup (B \setminus A)$.
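Review bot: the `d_s` formula on the rewritten `+` lines reads `|S^k\Delta {S}^k|`, the symmetric difference of `S^k` with itself, which is always empty, so `d_s` would be identically zero; the second set should be `\check{S}^k` (`|S^k \Delta \check{S}^k|`) to match `d_{s}(S,\check{S})` on the left-hand side. The slip is inherited from the removed lines, but this hunk is the place to fix it. Also delete the eleven `+%%` lines holding the old `equation`/`array` block and the `%%RAPH : ici, j'ai supprimé tous les sauts à la ligne` note instead of shipping them commented out.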
the distance between $(S^n,E^n)$ and $(S,E)$ is strictly less than $%
10^{-(k+1)}\leqslant \varepsilon $.\bigskip \newline
In conclusion,
+%%RAPH : ici j'ai rajouté une ligne
\forall \varepsilon >0,\exists N_{0}=max(n_{0},n_{1},n_{2})\in \mathds{N}%
-,\forall n\geqslant N_{0},
- d\left( G_{f}(S^n,E^n);G_{f}(S,E)\right)
+,\forall n\geqslant N_{0},$$
+$$ d\left( G_{f}(S^n,E^n);G_{f}(S,E)\right)
\leqslant \varepsilon .
$G_{f}$ is consequently continuous.
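Review bot: closing the display with `,\forall n\geqslant N_{0},$$` and reopening it with `$$ d\left( G_{f}(S^n,E^n);G_{f}(S,E)\right)` produces two separate displayed equations with extra vertical space and no alignment between them; use `\begin{multline} ... \\ ... \end{multline}` (or `align` with a trailing `\\`) so the quantifier line and the inequality stay one statement. On the unchanged context line, `\exists N_{0}=max(n_{0},n_{1},n_{2})` should use `\max`, and the `;` separating the two arguments of `d\left( ... ; ... \right)` is better as a comma to match `d_{e}(E,\check{E})` and `d_{s}(S,\check{S})` above.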
that $E$ is reached from $(S',E')$ after $t_2$ iterations of $G_f$.
Consider the strategy $\tilde S$ that alternates the first $t_1$ terms
-of $S$ and the first $t_2$ terms of $S'$: $$\tilde
-S=(S_0,\dots,S_{t_1-1},S'_0,\dots,S'_{t_2-1},S_0,\dots,S_{t_1-1},S'_0,\dots,S'_{t_2-1},S_0,\dots).$$ It
+of $S$ and the first $t_2$ terms of $S'$:
+%%RAPH : j'ai coupé la ligne en 2
+S=(S_0,\dots,S_{t_1-1},S'_0,\dots,S'_{t_2-1},S_0,$$$$\dots,S_{t_1-1},S'_0,\dots,S'_{t_2-1},S_0,\dots).$$ It
is clear that $(\tilde S,E)$ is obtained from $(\tilde S,E)$ after
$t_1+t_2$ iterations of $G_f$. So $(\tilde S,E)$ is a periodic
point. Since $\tilde S_t=S_t$ for $t<t_1$, by the choice of $t_1$, we
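Review bot: the `+` lines appear to have lost the `$$\tilde` that ended the removed line `of $S$ and the first $t_2$ terms of $S'$: $$\tilde`; as shown, `S=(S_0,\dots,S_{t_1-1},S'_0,\dots,S'_{t_2-1},S_0,` now sits in text mode (the subscripts will raise a `Missing $ inserted` error) and the sequence is named `S` instead of `\tilde S`, which is the name used on the following lines. Restore the opener, and replace the `$$$$` split with a `multline` environment so the tuple is not typeset as two unrelated displays, the second of which starts with `\dots`. Drop the `%%RAPH : j'ai coupé la ligne en 2` note as well.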
iterations can be inherited by the inputted generator, we hope by doing so to
obtain some statistical improvements while preserving speed.
-Let us give an example using 16-bits numbers, to clearly understand how the bitwise xor operations
-Suppose that $x$ and the strategy $S^i$ are given as
-binary vectors.
-Table~\ref{TableExemple} shows the result of $x \oplus S^i$.
-x &=&1&0&1&1&1&0&1&0&1&0&0&1&0&0&1&0\\
-S^i &=&0&1&1&0&0&1&1&0&1&1&1&0&0&1&1&1\\
-x \oplus S^i&=&1&1&0&1&1&1&0&0&0&1&1&1&0&1&0&1\\
- \end{array}
-\caption{Example of an arbitrary round of the proposed generator}
-\lstset{language=C,caption={C code of the sequential PRNG based on chaotic iteration\
+%%RAPH : j'ai viré tout ca
+%% Let us give an example using 16-bits numbers, to clearly understand how the bitwise xor operations
+%% are
+%% done.
+%% Suppose that $x$ and the strategy $S^i$ are given as
+%% binary vectors.
+%% Table~\ref{TableExemple} shows the result of $x \oplus S^i$.
+%% \begin{table}
+%% \begin{scriptsize}
+%% $$
+%% \begin{array}{|cc|cccccccccccccccc|}
+%% \hline
+%% x &=&1&0&1&1&1&0&1&0&1&0&0&1&0&0&1&0\\
+%% \hline
+%% S^i &=&0&1&1&0&0&1&1&0&1&1&1&0&0&1&1&1\\
+%% \hline
+%% x \oplus S^i&=&1&1&0&1&1&1&0&0&0&1&1&1&0&1&0&1\\
+%% \hline
+%% \hline
+%% \end{array}
+%% $$
+%% \end{scriptsize}
+%% \caption{Example of an arbitrary round of the proposed generator}
+%% \label{TableExemple}
+%% \end{table}
+\lstset{language=C,caption={C code of the sequential PRNG based on chaotic iterations},label=algo:seqCIPRNG}
unsigned int CIPRNG() {
static unsigned int x = 123123123;
unsigned long t1 = xorshift();
return x;
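Review bot: the 24 commented-out `+%%` lines (the 16-bit XOR walkthrough and its `table`) should be deleted rather than kept in the source, together with the `%%RAPH : j'ai viré tout ca` note; version control already preserves them. Since `\label{TableExemple}` disappears with the table, grep the rest of the paper for `\ref{TableExemple}` so no dangling reference remains. The `\lstset` change is the real fix in this hunk: the old caption was cut short by a stray backslash in `chaotic iteration\`, and the new `caption={C code of the sequential PRNG based on chaotic iterations},label=algo:seqCIPRNG}` is well-formed.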
implementation of the xor128, the xorshift, and the xorwow respectively require
4, 5, and 6 unsigned long as internal variables.
\KwIn{InternalVarXorLikeArray: array with internal variables of the 3 xor-like
PRNGs in global memory\;
NumThreads: number of threads\;}
store internal variables in InternalVarXorLikeArray[threadIdx]\;
\caption{Main kernel of the GPU ``naive'' version of the PRNG based on chaotic iterations}
Algorithm~\ref{algo:gpu_kernel} presents a naive implementation of the proposed PRNG on
GPU. Due to the available memory in the GPU and the number of threads
used simultaneously, the number of random numbers that a thread can generate
This version can also pass the whole {\it BigCrush} battery of tests.
\KwIn{InternalVarXorLikeArray: array with internal variables of 1 xor-like PRNGs
in global memory\;
NumThreads: Number of threads\;
store internal variables in InternalVarXorLikeArray[threadId]\;
\caption{Main kernel for the chaotic iterations based PRNG GPU efficient
- \includegraphics[scale=.7]{curve_time_xorlike_gpu.pdf}
+ \includegraphics[width=\columnwidth]{curve_time_xorlike_gpu.pdf}
\caption{Quantity of pseudorandom numbers generated per second with the xorlike-based PRNG}
- \includegraphics[scale=.7]{curve_time_bbs_gpu.pdf}
+ \includegraphics[width=\columnwidth]{curve_time_bbs_gpu.pdf}
\caption{Quantity of pseudorandom numbers generated per second using the BBS-based PRNG}
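Review bot: `width=\columnwidth` is the right replacement for `scale=.7` in a two-column layout, but check that both figures sit in `figure` rather than `figure*` environments, where `\textwidth` would be needed instead. In the unchanged algorithm lines around the figures, `InternalVarXorLikeArray[threadIdx]` (naive kernel) and `InternalVarXorLikeArray[threadId]` (efficient kernel) spell the same index two ways, and `internal variables of 1 xor-like PRNGs` should read `of 1 xor-like PRNG`.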
where $y$ is randomly generated. By construction, $\varphi_y(H(x))=X(yx)$,
+\begin{equation}%\label{PCH-3} %%RAPH : j'ai viré ce label qui existe déjà, il est 3 ligne avant
where $y$ is randomly generated.
\KwIn{InternalVarBBSArray: array with internal variables of the 8 BBS
in global memory\;
NumThreads: Number of threads\;
store internal variables in InternalVarXorLikeArray[threadId] using a rotation\;
\caption{main kernel for the BBS based PRNG GPU}
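Review bot: as with `\label{Gf}`, delete the duplicate `\label{PCH-3}` instead of leaving `\begin{equation}%\label{PCH-3} %%RAPH : ...` with a French note appended to the environment line. Two things in the surrounding context deserve a fix in the same pass: `where $y$ is randomly generated` appears twice within three lines, and the BBS kernel takes `InternalVarBBSArray` as input but stores into `InternalVarXorLikeArray[threadId]`, which looks like a copy-paste from the xor-like kernel.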
her new public key will be $(S^0, N)$.
To encrypt his message, Bob will compute
-c = \left(m_0 \oplus (b_0 \oplus S^0), m_1 \oplus (b_0 \oplus b_1 \oplus S^0), \hdots, m_{L-1} \oplus (b_0 \oplus b_1 \hdots \oplus b_{L-1} \oplus S^0) \right)
+%%RAPH : ici, j'ai mis un simple $
+$c = \left(m_0 \oplus (b_0 \oplus S^0), m_1 \oplus (b_0 \oplus b_1 \oplus S^0), \hdots, \right.$
+$ \left. m_{L-1} \oplus (b_0 \oplus b_1 \hdots \oplus b_{L-1} \oplus S^0) \right)$
instead of $\left(m_0 \oplus b_0, m_1 \oplus b_1, \hdots, m_{L-1} \oplus b_{L-1} \right)$.
The same decryption stage as in Blum-Goldwasser leads to the sequence
\ No newline at end of file
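Review bot: the rewritten ciphertext expression is missing an `\oplus` before `\hdots` in `b_0 \oplus b_1 \hdots \oplus b_{L-1}` (it should read `b_0 \oplus b_1 \oplus \hdots \oplus b_{L-1}`), a slip carried over from the removed line. Splitting the display into two inline `$...$` spans is fragile: TeX may break the line anywhere between them, and the `\left(`/`\right)` pair now lives in two separate math groups (balanced only because of the `\right.`/`\left.` stubs); prefer `\begin{multline} c = ... \\ ... \end{multline}`, and confirm that the `equation` delimiters that surrounded the removed `c = ...` line were taken out, since `$` inside an `equation` environment is an error. Drop the `%%RAPH : ici, j'ai mis un simple $` note, and add a final newline to the file.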