
I was wondering if there is a way to make use of the new hardware-based true random number generator found in Intel's Sandy Bridge CPU? I read that Intel's MKL (Math Kernel Library) exposes this functionality, but this requires the MKL suite and an Intel compiler, ending up pretty expensive.

Is there another way to employ the hardware random number generator in my C++ code? For example a nice, header only library?

dtech
  • Which operating system platform? I wouldn't be surprised if it's done automatically in both Linux and Windows, based on hardware capabilities. – unwind Oct 26 '11 at 11:15
  • I am developing under Windows 7, but my project uses Qt and will eventually target both Windows and Linux, and if Qt Cocoa compatibility is fixed soon, hopefully macOS as well – dtech Oct 26 '11 at 11:17
  • Just write a bit of inline assembly to execute the RDRAND instruction. Or wait for your compiler to support the intrinsic. Or better yet, wait a couple of years so you'll have some odds that your user will have a machine that supports it. Manual is here: http://software.intel.com/file/36945 – Hans Passant Oct 26 '11 at 12:03
  • [RDRAND](https://en.wikichip.org/wiki/intel/microarchitectures/ivy_bridge_(client)#New_instructions) is only available from [Ivy Bridge](https://www.intel.com/content/www/us/en/developer/articles/technical/what-is-secure-key-technology.html) and newer generations. [Sandy Bridge](https://en.wikichip.org/wiki/intel/microarchitectures/sandy_bridge_(client)) is the direct predecessor and doesn't support RDRAND. The answer from Doug Anger refers to RDRAND and I'm not aware of a new random number generator within Sandy Bridge. – Peter Oct 04 '22 at 13:55

3 Answers


Intel has posted a manual, library, and code examples for the rdrand instruction at http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide.

From the Readme:

"Because the many of compiler toolchains do not support this new instruction, this library was created to facilitate easy access to it. The idea is simple: link to a built static library and enjoy the new feature!"

There are examples of all the library calls in main.c.

I was able to compile the static library and test program in gcc on Mac OS X. The documentation states that it is also compatible with Linux and Windows.

Be aware that rdrand is actually a 128-bit pseudo-random number generator with hardware-generated entropy. (The upcoming Broadwell architecture will provide an rdseed instruction to access the true random number generator.) The details of the difference and its implications can be found under the "Long Answer" heading at http://software.intel.com/en-us/blogs/2012/11/17/the-difference-between-rdrand-and-rdseed.

Doug Anger

Here is the example code:

    #include <immintrin.h>   // _rdseed64_step / _rdrand64_step intrinsics
    #include <cstdio>        // printf
    // Build with: g++ -mrdrnd -mrdseed rng.cpp
    // The intrinsics take unsigned long long*, so a uint64_t from <cstdint>
    // does not compile on LP64 Linux, where uint64_t is unsigned long.

    int main() {
      unsigned long long val;
      // RDSEED: seed-grade output straight from the entropy conditioner, meant for
      // seeding other generators. It returns 0 when entropy is temporarily
      // exhausted, so callers should retry rather than treat it as fatal.
      if(!_rdseed64_step(&val)) {
        printf("Error generating hardware random seed value\n");
      }
      // Now val contains a 64-bit seed-grade (true) random number

      // RDRAND: output of the on-chip DRBG, a CSPRNG reseeded from the entropy source.
      if(!_rdrand64_step(&val)) {
        printf("Error generating hardware random value\n");
      }
      // Now val contains a 64-bit pseudo-random number from the hardware DRBG
      return 0;
    }

Reference: Intel Intrinsics Guide
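The two answers above show the Intel library and the compiler intrinsics, but leave out the parts a practitioner has to get right before shipping this: checking CPUID for the feature (as the comments note, Sandy Bridge has no RDRAND, so the instruction would fault there), honouring the carry-flag protocol, and retrying as Intel's implementation guide recommends. The following is an added example, not code from the question, from either answer or from Intel's library. It uses inline assembly so no `-mrdrnd`/`-mrdseed` build flags are needed, and it assumes GCC or Clang on x86-64 (the `<cpuid.h>` helpers and the asm syntax are compiler-specific); on any other architecture every function simply reports "unsupported". All function names are this example's own.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

#if defined(__x86_64__)
#include <cpuid.h>   // __get_cpuid, __cpuid_count, __get_cpuid_max (GCC/Clang)
#endif

// CPUID leaf 1, ECX bit 30 advertises RDRAND (Ivy Bridge and later).
bool cpu_has_rdrand() {
#if defined(__x86_64__)
    unsigned int a = 0, b = 0, c = 0, d = 0;
    if (!__get_cpuid(1, &a, &b, &c, &d)) return false;
    return (c & (1u << 30)) != 0;
#else
    return false;  // not an x86-64 build: no hardware DRNG path at all
#endif
}

// CPUID leaf 7 sub-leaf 0, EBX bit 18 advertises RDSEED (Broadwell and later).
bool cpu_has_rdseed() {
#if defined(__x86_64__)
    if (__get_cpuid_max(0, nullptr) < 7) return false;
    unsigned int a = 0, b = 0, c = 0, d = 0;
    __cpuid_count(7, 0, a, b, c, d);
    return (b & (1u << 18)) != 0;
#else
    return false;
#endif
}

// One RDRAND attempt. CF=1 means the 64-bit value is valid; CF=0 means the DRBG
// had nothing ready and whatever is in the register must be discarded.
// Only call this after cpu_has_rdrand() returned true (otherwise: #UD / SIGILL).
bool rdrand64_once(uint64_t *out) {
#if defined(__x86_64__)
    unsigned long long v = 0;
    unsigned char ok = 0;
    __asm__ volatile("rdrand %0\n\tsetc %1" : "=r"(v), "=q"(ok) : : "cc");
    *out = v;
    return ok != 0;
#else
    (void)out;
    return false;
#endif
}

// One RDSEED attempt: same CF protocol, but failures are common under load,
// because it hands out conditioned entropy rather than DRBG output.
bool rdseed64_once(uint64_t *out) {
#if defined(__x86_64__)
    unsigned long long v = 0;
    unsigned char ok = 0;
    __asm__ volatile("rdseed %0\n\tsetc %1" : "=r"(v), "=q"(ok) : : "cc");
    *out = v;
    return ok != 0;
#else
    (void)out;
    return false;
#endif
}

// Intel's guide: retry RDRAND up to 10 times; failure after that points at a
// hardware problem and must surface as an error, never as "use the register anyway".
bool rdrand64_retry(uint64_t *out, int retries = 10) {
    if (!cpu_has_rdrand()) return false;
    for (int i = 0; i < retries; ++i)
        if (rdrand64_once(out)) return true;
    return false;
}

// RDSEED has no fixed bound in Intel's guidance; back off with PAUSE between
// attempts and give up after a budget so a starved caller cannot spin forever.
bool rdseed64_retry(uint64_t *out, int retries = 100) {
    if (!cpu_has_rdseed()) return false;
    for (int i = 0; i < retries; ++i) {
        if (rdseed64_once(out)) return true;
#if defined(__x86_64__)
        __asm__ volatile("pause");
#endif
    }
    return false;
}

// Fill an arbitrary buffer with RDRAND output, one 64-bit word at a time.
// Returns false (and leaves the buffer unusable) if the CPU has no RDRAND.
bool fill_random_bytes(void *buf, size_t len) {
    unsigned char *p = static_cast<unsigned char *>(buf);
    while (len > 0) {
        uint64_t v = 0;
        if (!rdrand64_retry(&v)) return false;
        size_t n = len < sizeof v ? len : sizeof v;
        std::memcpy(p, &v, n);
        p += n;
        len -= n;
    }
    return true;
}

int main() {
    std::printf("RDRAND: %s, RDSEED: %s\n", cpu_has_rdrand() ? "yes" : "no",
                cpu_has_rdseed() ? "yes" : "no");
    unsigned char key[32];
    if (fill_random_bytes(key, sizeof key))
        std::printf("32 bytes from RDRAND, first byte 0x%02x\n", key[0]);
    uint64_t seed = 0;
    if (rdseed64_retry(&seed)) std::printf("64-bit seed from RDSEED obtained\n");
    return 0;
}
```

The split mirrors the rdrand/rdseed distinction in the answer above: `fill_random_bytes` is the bulk source (DRBG output), `rdseed64_retry` is what you would use to seed another generator. Both wrappers check CPUID first, so the same binary runs on pre-Ivy-Bridge hardware and just reports that the hardware path is unavailable, which is the point at which an application should fall back to the OS source (`/dev/urandom`, `BCryptGenRandom`) rather than to `time()`.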

Serge Rogatch

It could depend on your operating system. I would imagine that recent GNU/Linux kernels might use the hardware random generators for e.g. /dev/random (since the random(4) man page suggests that it uses noise), but I could be wrong.

The usual practice is to use some common pseudo-random generator (like e.g. the random(3) standard function), but to seed it, when starting your application, from some more random source (e.g. reading /dev/urandom, using getpid() and something from the current time with gettimeofday(), etc).

Very probably, getting very good random numbers is a black art, at least for me. But the above solution has at least the advantage of not being easily reproducible from one application run to another.

If your application is long lasting (e.g. a web service running in the same single process for many hours) you might perhaps re-seed your Pseudo Random Number Generator from time to time. For a web server, I would imagine you could also use request times (measuring them with millisecond granularity) as a source of randomness (to seed your PRNG).
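The seeding pattern this answer describes, as an added example that is not part of the answer: take the seed from the kernel pool (`/dev/urandom`) instead of from `getpid()` and the clock, whose combined search space is small enough that such seeds are predictable to anyone who knows roughly when the process started, and re-seed a long-running process after a fixed number of outputs. It assumes a Unix-like system with `/dev/urandom` (falling back to `std::random_device` elsewhere); the class name and the re-seed interval are this example's own choices. `std::mt19937_64` is used because the answer talks about general-purpose PRNGs; it is not a cryptographic generator, and anything security-sensitive should read the OS CSPRNG directly instead of a seeded Mersenne Twister.

```cpp
#include <algorithm>
#include <array>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <fstream>
#include <random>
#include <stdexcept>

// Pull `len` bytes from the OS entropy source. /dev/urandom never blocks and is
// tried first; std::random_device is only a fallback for platforms without it
// (some old libstdc++/MinGW builds made random_device deterministic, which is
// why the file is preferred). Returns false only if neither source works.
bool read_os_entropy(void *buf, size_t len) {
    unsigned char *p = static_cast<unsigned char *>(buf);
    std::ifstream f("/dev/urandom", std::ios::binary);
    if (f) {
        f.read(reinterpret_cast<char *>(p), static_cast<std::streamsize>(len));
        if (f.gcount() == static_cast<std::streamsize>(len)) return true;
    }
    try {
        std::random_device rd;
        for (size_t i = 0; i < len; i += sizeof(unsigned int)) {
            unsigned int v = rd();
            std::memcpy(p + i, &v, std::min(sizeof v, len - i));
        }
        return true;
    } catch (const std::exception &) {
        return false;
    }
}

// A PRNG seeded with 256 bits of OS entropy that re-seeds itself after a fixed
// number of outputs (the "long-running process" case from the answer above).
class ReseedingRng {
public:
    explicit ReseedingRng(uint64_t reseed_every = 1u << 20) : limit_(reseed_every) {
        reseed();
    }

    // Replace the whole engine state from fresh OS entropy.
    void reseed() {
        std::array<uint32_t, 8> seed{};  // 8 x 32 bits = 256 bits of seed material
        if (!read_os_entropy(seed.data(), sizeof seed))
            throw std::runtime_error("no OS entropy source available");
        std::seed_seq sq(seed.begin(), seed.end());
        engine_.seed(sq);
        since_reseed_ = 0;
    }

    uint64_t next() {
        if (since_reseed_ >= limit_) reseed();
        ++since_reseed_;
        return engine_();
    }

    uint64_t outputs_since_reseed() const { return since_reseed_; }

private:
    std::mt19937_64 engine_;
    uint64_t limit_;
    uint64_t since_reseed_ = 0;
};

int main() {
    ReseedingRng rng(1000);  // re-seed every 1000 outputs, a deliberately small demo value
    for (int i = 0; i < 3; ++i) std::printf("%016llx\n", (unsigned long long)rng.next());
    std::printf("outputs since last reseed: %llu\n",
                (unsigned long long)rng.outputs_since_reseed());
    return 0;
}
```

Two runs of this program produce unrelated streams, which is the non-reproducibility property the answer is after; the re-seed counter is the only state a caller needs to reason about, and a failed entropy read throws rather than silently seeding from a constant.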

Basile Starynkevitch
  • There's a thread about RDRAND and `/dev/random` here: http://www.spinics.net/lists/linux-crypto/msg05883.html, although I don't know whether what they say there is exactly what has happened or will happen. The gist is that you're right, it looks as though it will be used as an entropy source for `/dev/random`, although it's not quite so simple as `/dev/random` just returning the results of calls to RDRAND. – Steve Jessop Oct 26 '11 at 12:06