google / randen

Fast backtracking-resistant random generator: https://arxiv.org/abs/1810.02227
Apache License 2.0

SSE-based Mersenne Twister? #7

Closed vigna closed 5 years ago

vigna commented 5 years ago

From what I can understand, you used the standard 64-bit version of the Mersenne Twister. Considering that your code uses specialized AES instructions, you should at least compare with the SFMT (SIMD-friendly Fast Mersenne Twister), which is almost twice as fast.

If you are not using the SSE2 version, I don't think the comparison you have currently on display is fair.

jan-wassenberg commented 5 years ago

Hi Sebastiano, thanks for your interest! We are indeed using std::mt19937_64.

I agree the comparison is not fair, because MT has statistical weaknesses and is predictable after observing a few hundred outputs. These issues are not resolved by using a faster implementation.

Instead, the purpose of the benchmark/comparison is to show that we can get an indistinguishable-from-random generator with backtracking resistance within the performance envelope accepted by many projects.
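An added illustration of the predictability point above (this is not code from the randen project or from either commenter): Python's `random` is the 32-bit mt19937, whose output tempering is a bijection, so the 624 outputs observed right after seeding are the whole state and determine every later output. It assumes the 32-bit constants; std::mt19937_64 has the same structure with different shift and mask constants, which are not shown here.

```python
import random

N = 624  # words in the mt19937 state
MASK32 = 0xFFFFFFFF


def temper(y):
    """mt19937 output tempering (the only step between state word and output)."""
    y ^= y >> 11
    y ^= (y << 7) & 0x9D2C5680
    y ^= (y << 15) & 0xEFC60000
    y ^= y >> 18
    return y & MASK32


def untemper(z):
    """Invert temper(): each xorshift is undone from the untouched bits outward."""
    y = z ^ (z >> 18)                       # undo y ^= y >> 18 (18 >= 32/2, one step)
    y ^= (y << 15) & 0xEFC60000             # undo the <<15 step (mask bits 15,16 are 0)
    x = y
    for _ in range(5):                      # undo the <<7 step, 7 bits per iteration
        x = y ^ ((x << 7) & 0x9D2C5680)
    y, x = x, x
    for _ in range(3):                      # undo y ^= y >> 11, 11 bits per iteration
        x = y ^ (x >> 11)
    return x & MASK32


def recover_state(outputs):
    """Rebuild the state from 624 consecutive outputs that start at a twist boundary
    (true for the first 624 values after seeding; otherwise the window must be aligned)."""
    assert len(outputs) == N
    return [untemper(o) for o in outputs]


def clone_from(outputs):
    """Return a generator that will emit exactly what the observed one emits next."""
    clone = random.Random()
    # CPython state tuple: (version 3, 624 state words + index, gauss_next).
    # index == 624 forces a twist before the next output, matching the observed generator.
    clone.setstate((3, tuple(recover_state(outputs)) + (N,), None))
    return clone


def prediction_matches(seed=12345, n_check=16):
    """Constructed check: observe 624 outputs, then compare predicted vs. actual."""
    observed_gen = random.Random(seed)
    observed = [observed_gen.getrandbits(32) for _ in range(N)]
    clone = clone_from(observed)
    predicted = [clone.getrandbits(32) for _ in range(n_check)]
    actual = [observed_gen.getrandbits(32) for _ in range(n_check)]
    return predicted == actual
```

This is the property the comment refers to: no amount of SIMD speed-up changes it, which is why a faster MT build would not make the comparison closer.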

vigna commented 5 years ago

That's the most absurd, anti-scientific reply ever 😂. Are you effectively saying you're using a bad and slow generator because it's bad? LOL.

There are excellent generators out there below the 0.50 cycle/B threshold. If your purpose is to compare with a "performance envelope", independently of cryptographic strength, you should use those.

Now it just looks like you cherry-picked your baselines. 🤷🏻‍♂️