PCG, A Family of Better Random Number Generators
PCG is a family of simple fast spaceefficient statistically good algorithms for random number generation. Unlike many generalpurpose RNGs, they are also hard to predict.
AtaGlance Summary
Statistical Quality 
Prediction Difficulty 
Reproducible Results 
Multiple Streams 
Period 
Useful Features 
Time Perfomance 
Space Usage 
Code Size & Complexity 
kDimensional Equidistribution 


PCG Family  Excellent  Challenging  Yes  Yes (e.g. 2^{63}) 
Arbitrary  Jump ahead, Distance 
Very fast 
Very compact 
Very small 
Arbitrary^{*} 
Mersenne Twister  Some Failures  Easy  Yes  No  Huge 2^{19937} 
Jump ahead  Acceptable  Huge (2 KB) 
Complex  623 
Arc4Random  Some Issues  Secure  Not Always  No  Huge 2^{1699} 
No  Slow  Large (0.5 KB) 
Complex  No 
ChaCha20^{†}  Good  Secure  Yes  Yes (2^{128}) 
2^{128}  Jump ahead, Distance  Fairly Slow 
Plump (0.1 KB) 
Complex  No 
Minstd (LCG)  Many Issues  Trivial  Yes  No  Tiny < 2^{32} 
Jump ahead, Distance  Acceptable  Very compact 
Very small 
No 
LCG 64/32  Many Issues  Published Algorithms  Yes  Yes 2^{63} 
Okay 2^{64} 
Jump ahead, Distance  Very fast 
Very compact 
Very small 
No 
XorShift 32  Many Issues  Trivial  Yes  No  Small 2^{32} 
Jump ahead  Fast  Very compact 
Very small 
No 
XorShift 64  Many Issues  Trivial  Yes  No  Okay 2^{64} 
Jump ahead  Fast  Very compact 
Very small 
No 
RanQ  Some Issues  Trivial  Yes  No  Okay 2^{64} 
Jump ahead  Fast  Very compact 
Very small 
No 
XorShift* 64/32  Excellent  Unknown?  Yes  No  Okay 2^{64} 
Jump ahead  Fast  Very compact 
Very small 
No 
^{†} ChaCha entry based on an optimized C++ implementation of ChaCha, kindly provided by Orson Peters.
Random Number Generation Is Important
Algorithmic random number generators are everywhere, used for all kinds of tasks, from simulation to computational creativity. Learn more about algorithmic random number generation...
But despite their widespread use, the odds are that you're using a flawed random number generator.
What's Wrong with Your Current RNG
Most random number generators in widespread use today have one of the following problems:
 Not Actually Random
 Behaving like a true and unbiased source of randomness seems like a fundamental requirement that any random number generator ought to satisfy, yet many RNGs fail statistical tests for randomness. Learn more...
 Predictable & Insecure
 Many RNGs can be predicted with after observing small amount of their output. If you use random numbers as a way to ensure fairness or unpredictability, that's a problem. Learn more...
 Mediocre Performance
 Many RNGs are either slow or require a relatively large amount of memory. Learn more...
 Lack Useful Features
 Most popular RNGs don't provide useful features like “jump ahead”. Learn more...
Sure, some RNGs are bad, but I'm using a good one, right?
Unless you're using a very esoteric RNG, odds are that the RNG you're using is flawed in one way or another. If you're using the Mersenne Twister, arc4random, ChaCha20, Unix's drand48, Unix random, Unix rand, XorShift*, RanQ1, or several others there are flaws you might want to know about. Learn more...
The PCG Family Is Better
The PCG family combines properties not previously seen together in the same generation scheme:
 It's really easy to use, and yet its very flexible and offers powerful features (including some that allow you to perform silly party tricks). Learn more...
 It's very fast, and can occupy very little space. Learn more...
 It has small code size. Learn more...
 It's performance in statistical tests is excellent (see the PCG paper for full details).
 It's much less predictable and thus more secure than most generators.
 It's open source software, with a permissive license (the Apache license).
You can download C and C++ implementations today!
What Makes the PCG Family Different?
To explain why the PCG family is better, we need to get a little bit technical. There are two parts to a random number generator. We can see them as two functions:
 The StateTransition Function
 Governs how the RNG's internal state changes every time you ask for a random number
 The Output Function
 Turns the RNG's internal state into the actual random number
Most RNGs use a very simple output function. Many RNGs just use the identity function! They just return the state as is (making them easily predicted). Some RNGs combine multiple simple RNGs and thus have an output function that just merges them together (e.g., with addition or xor). Again, this is a very simple output function.
A few RNGs adopt the opposite approach. For example, the Fortuna RNG has a trivial state transition function (it just increments a counter), but uses a cryptographic block cypher as the output function.
The observation that underlies the PCG family is that these approaches are unbalanced, they put too much weight on one side or the other. The PCG family takes a more balanced approach.
 PCG's StateTransition Function
 The PCG family uses a linear congruential generator as the statetransition function—the “CG” of PCG stands for “congruential generator”. Linear congruential generators are known to be statistically weak, but PCG's state transition function only does half the work, so it doesn't need to be perfect. Moreover, LCGs have number of very useful properties that make them a good choice.
 PCG's Output Function
 PCG uses a new technique called permutation functions on tuples to produce output that is much more random than the RNG's internal state. PCG's output functions are what gives it its excellent statistical performance and makes it hard predict from its output (and thus more secure). The “P” in PCG stands for “permuted”.
That's it. The PCG paper describes permutation functions on tuples in depth, as well as the output functions used by different members of the PCG family.
If you'd like to use the PCG generation scheme, head to the download page.
The PCG Blog
The PCG blog has new developments and essays on topics related to PCG and random number generation in general. It tends to be updated more often than the rest of the site.