I was thinking that something with a longer period might be nice. Xorshift is fast, has a period of 2^64 and still only needs 64 bits of state.
Do you have a generator in mind?
Either way, the problem is really to seed it right.
That's certainly the issue that comes up in the forum.
That's interesting. I wasn't able to see what he actually did to set-up/read the A2D.
It doesn't work like this but this is how I visualize what happens: Enable the pull-up resistor so the pin goes high. Turn off the pull-up resistor and start a conversion. At a certain point, the falling pin voltage and the rising comparison voltage cross paths and the conversion completes. The theory is that the two voltages cross at a random point in the conversion.
I am not convinced that the A2D has enough sensitivity
I believe it does. From my testing, the problem is that the only potential source of entropy from an AVR processor is the digital noise generated by the processor itself which is not at all random.
It's important to remember that AVR processors are meant to be very
deterministic and it's tough to get anything random out of something that is deterministic.
-- or maybe not enough sensitivity in all cases -- to get a useful amount of entropy without some extra wiring external to the Arduino.
The temperature sensor mentioned here looks like a better bet:
My testing does not bear that out. (comments in that thread)
I'd stay away from CRC. I don't think it works well as a random mixing function.
It performs the same basic function as the Von Neumann whitening, but has deterministic run time.
The reason Von Neumann is not deterministic is because of a lack of entropy. That potential problem also applies to CRC (and everything else). If you can collect enough data (128 quarter bits in your example) for the CRC to produce a result than you can also collect enough data for Von Neumann to produce a result. If you cannot collect enough data, then neither will produce a result.
Re-seeding via srandom(random() + new_entropy_bits) maybe.
The problem with re-seeding is that it potentially invalidates the statistical tests that are performed on the generator to prove its quality.
XOR values from rand with values from a hardware generator.
No, I don't like that.
In that case...
The idea would be to use this only for generating the seed.
...is the best choice.