A Fast Hardware Pseudorandom Number Generator Based on xoroshiro128

TL;DR

This paper introduces xoroshiro128aox, a hardware-efficient pseudorandom number generator that passes rigorous statistical tests, improves upon previous xoroshiro128 variants, and balances quality with implementation cost.

Contribution

It presents a new xoroshiro128aox generator with an innovative output function, validated through extensive testing, offering a practical and high-quality PRNG for hardware use.

Findings

xoroshiro128aox passes BigCrush and PractRand tests

Mitigates known weaknesses in xoroshiro128+

Offers a good trade-off between quality and hardware cost

Abstract

The Graphcore Intelligence Processing Unit contains an original pseudorandom number generator (PRNG) called xoroshiro128aox, based on the F2-linear generator xoroshiro128. It is designed to be cheap to implement in hardware and provide high-quality statistical randomness. In this paper, we present a rigorous assessment of the generator's quality using standard statistical test suites and compare the results with the fast contemporary PRNGs xoroshiro128+, pcg64 and philox4x32-10. We show that xoroshiro128aox mitigates the known weakness in the lower order bits of xoroshiro128+ with a new 'AOX' output function by passing the BigCrush and PractRand suites, but we note that the function has some minor non uniformities. We focus our testing with specific tests for linear artefacts to highlight the weaknesses of both xoroshiro128 PRNGs, but conclude that they are hard to detect, and xoroshiro128aox otherwise provides a good trade off between statistical quality and hardware implementation cost.