> On the other hand vigna's (and therefore linux) RNG's are easily predictable without knowing the internal state, but just by observing the external output for some short time.
They are not CSPRNGs, so it is expected that they are predictable. I don't think anyone claimed the contrary.
But PCG is not and it is simple and fast. Its qualities are much better than vigna's.
He did mostly respond with bullshit, though his other arguments are better. But not convincing still.
Claiming that PCG is unpredictable is dangerous. If it was really unpredictable, it would qualify as a CSPRNG... Unlike you, PCG's author does not claim it is, but even claiming it is "challenging to predict" is questionable.
There is a difference in statistical quality concerning the binary rank test, but this was fixed with the new PRNGs published in the xoshiro paper. Whether passing the binary rank test signifies "much better" quality is debatable...
With only 3 outputs you can compute the internal state. MT needs something like 36 if memory serves.
Perhaps the misunderstanding is due to the way it's written. I was wondering as well: "huh, why do you need to enter the internal state as well as three inputs, no shit that you can predict the next output or something..." but what he really writes is that you enter an internal state, then it uses CFG to generate three outputs, and from those three outputs alone, it derives the internal state again.
Interesting idea, but I'm not convinced unless he breaks it without knowing the internal state. The PCG idea is extremely simple yes, but you need to know the first bits to know which algo is used. And the first bits are the hardest to get.
They are not CSPRNGs, so it is expected that they are predictable. I don't think anyone claimed the contrary.