Subject: Re: kernel ip_randomid() and libc randomid(3) still "broken"
To: None <abuse@spamalicious.com>
From: Jun-ichiro itojun Hagino <itojun@itojun.org>
List: tech-net
Date: 12/05/2003 13:43:01
> BTW, I also analyzed why "seed2" failed the way it did.
> 
> The important thing to note is that, when using a prime modulus, the modular 
> exponentiation has a cycle of modulus-1 (i.e. RU_N-1).  That is to say, the 
> exponent RU_N-1 generates the same output as the exponent 0, RU_N the same as 
> 1, etc.  The xor was causing aliasing.
> 
> Replacing the xor with an addition fixes this problem, but I'm not sure 
> whether it has the desired behavior in other regards.

	just changing xor into addition will constitute a problem.  the topmost
	bit is used for special purpose, so the addition must be performed
	in mod 2^15 space.

itojun
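A toy model of the two points raised in this thread, added here as an illustration and not the NetBSD ip_randomid() code: with a prime modulus RU_N, g^e mod RU_N has period RU_N-1 in the exponent, so xor-mixing a seed into the exponent aliases where consecutive addition does not; and any mixing whose result lands in the 16-bit ID must stay below 2^15 when the top bit is reserved. Assumptions: RU_N = 32749 (the thread names only "RU_N"), the xor/addition is modelled on the exponent, and the reserved-bit handling is a constructed `make_id()`.

```python
RU_N = 32749            # assumed prime modulus (thread only says "RU_N")
PFACTS = (2, 3, 2729)   # prime factors of RU_N - 1 = 32748
MSB = 0x8000            # top bit of the 16-bit ID, reserved per the reply


def is_generator(g: int) -> bool:
    """g generates the full multiplicative group mod RU_N iff
    g^((RU_N-1)/q) != 1 for every prime q dividing RU_N-1."""
    return all(pow(g, (RU_N - 1) // q, RU_N) != 1 for q in PFACTS)


def smallest_generator() -> int:
    return next(g for g in range(2, RU_N) if is_generator(g))


def exponent_aliases(g: int, e: int) -> bool:
    """The cycle the quoted mail describes: exponent e and e + (RU_N-1)
    produce the same residue, so exponent 0 and RU_N-1 collide."""
    return pow(g, e, RU_N) == pow(g, e + RU_N - 1, RU_N)


def xor_mix(seed: int, x: int) -> int:
    return seed ^ x


def add_mix(seed: int, x: int) -> int:
    return seed + x


def distinct_outputs(g: int, seed: int, combine) -> int:
    """Count distinct g^(combine(seed, x)) mod RU_N over one full
    period x = 1 .. RU_N-1.  seed ^ x scatters exponents across
    [0, 2^15), so values 2^15-20 .. 2^15-1 alias with 0 .. 19;
    seed + x is a run of RU_N-1 consecutive exponents, all distinct
    mod RU_N-1."""
    return len({pow(g, combine(seed, x), RU_N) for x in range(1, RU_N)})


def make_id(mixed: int, msb: int, reduce_mod_2_15: bool) -> int:
    """Constructed 16-bit ID: low 15 bits carry the generator output,
    bit 15 is the reserved flag.  Without reducing the mixed value
    mod 2^15 an additive carry overflows into the reserved bit."""
    value = (mixed & 0x7FFF) if reduce_mod_2_15 else mixed
    return value | msb
```

With a seed such as 0x1234, the xor-mixed exponent loses 20 of the 32748 outputs in a period, while the additive form keeps all of them; `make_id(0x8000, 0, False)` is indistinguishable from `make_id(0, MSB, True)`, which is the collision the reply warns about.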