  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Various statistical test of pseudorandom number generator

Haque, Mohammad Shafiqul January 2010
This thesis is related to various statistical tests of pseudorandom number generators. In this thesis I have tried to discuss some aspects of selecting and testing pseudorandom number generators. The outputs of such generators may be used in many cryptographic applications, such as the generation of key material. After the statistical tests I have tried to compare the test value of every generator and have discussed which one is producing good sequences and which one is a good generator.
3

Security of Lightweight Cryptographic Primitives

Vennos, Amy Demetra Geae 10 June 2021
Internet-of-Things (IoT) devices are increasing in popularity due to their ability to help automate many aspects of daily life while performing these necessary duties on billions of low-power appliances. However, the perks of these small devices also come with additional constraints to security. Security always has been an issue with the rise of cryptographic backdoors and hackers reverse engineering the security protocols within devices to reveal the original state that was encrypted. Security researchers have done much work to prevent attacks with high power algorithms, such as the international effort to develop the current Advanced Encryption Standard (AES). Unfortunately, IoT devices do not typically have the computational resources to implement high-power algorithms such as AES, and must rely on lightweight primitives such as pseudorandom number generators, or PRNGs. This thesis explores the effectiveness, functionality, and use of PRNGs in different applications. First, this thesis investigates the confidentiality of a single-stage residue number system PRNG, which has previously been shown to provide extremely high quality outputs for simulation and digital communication applications when evaluated through traditional techniques like the battery of statistical tests used in the NIST Random Number Generation and DIEHARD test suites or in using Shannon entropy metrics. In contrast, rather than blindly performing statistical analyses on the outputs of the single-stage RNS PRNG, this thesis provides both white box and black box analyses that facilitate reverse engineering of the underlying RNS number generation algorithm to obtain the residues, or equivalently the key, of the RNS algorithm. 
This thesis develops and demonstrates a conditional entropy analysis that permits extraction of the key given a priori knowledge of state transitions as well as reverse engineering of the RNS PRNG algorithm and parameters (but not the key) in problems where the multiplicative RNS characteristic is too large to obtain a priori state transitions. This thesis then discusses multiple defenses and perturbations for the RNS system that defeat the original attack algorithm, including deliberate noise injection and code hopping. We present a modification to the algorithm that accounts for deliberate noise, but rapidly increases the search space and complexity. Lastly, a comparison of memory requirements and time required for the attacker and defender to maintain these defenses is presented. The next application of PRNGs is in building a translation for binary PRNGs to non-binary uses like card shuffling in a casino. This thesis explores a shuffler algorithm that utilizes RNS in Fisher-Yates shuffles, and that calls for inputs from any PRNG. Entropy is lost through this algorithm by the use of PRNG in lieu of TRNG and by its RNS component: a surjective mapping from a large domain of size $2^J$ to a substantially smaller set of arbitrary size $n$. Previous research on the specific RNS mapping process had developed a lower bound on the Shannon entropy loss from such a mapping, but this bound eliminates the mixed-radix component of the original formulation. This thesis calculates a more precise formula which takes into account the radix, $n$. This formulation is later used to specify the optimal parameters to simulate the shuffler with different test PRNGs. After implementing the shuffler with PRNGs with varying output entropies, the thesis examines the output value frequencies to discuss if utilizing PRNG is a feasible alternative for casinos to the higher-cost TRNG. 
/ Master of Science / Cryptography, or the encrypting of data, has drawn widespread interest for years, initially sparking public concern through headlines and dramatized reenactments of hackers targeting security protocols. Previous cryptographic research commonly focused on developing the quickest, most secure ways to encrypt information on high-power computers. However, as wireless low-power devices such as smart home, security sensors, and learning thermostats gain popularity in ordinary life, interest is rising in protecting information being sent between devices that don't necessarily have the power and capabilities as those in a government facility. Lightweight primitives, the algorithms used to encrypt information between low-power devices, are one solution to this concern, though they are more susceptible to attackers who wish to reverse engineer the encrypting process. The pseudorandom number generator (PRNG) is a type of lightweight primitive that generates numbers that are essentially random even though it is possible to determine the input value, or seed, from the resulting output values. This thesis explores the effectiveness and functionality of PRNGs in different applications. First, this thesis explores a PRNG that has passed many statistical tests to prove its output values are random enough for certain applications. This project analyzes the quality of this PRNG through a new lens: its resistance to reverse engineering attacks. The thesis describes and implements an attack on the PRNG that allows an individual to reverse engineer the initial seed. The thesis then changes perspective from attacker to designer and develops defenses to this attack: by slightly modifying the algorithm, the designer can ensure that the reverse engineering process is so complex, time-consuming, and memory-requiring that implementing such an attack would be impractical for an attacker. 
The next application of PRNGs is in the casino industry, in which low-power and cost-effective automatic card shufflers for games like poker are becoming popular. This thesis explores a solution for optimal shuffling of a deck of cards.
4

Analysis of Lightweight Cryptographic Primitives

George, Kiernan Brent 05 May 2021
Internet-of-Things (IoT) devices have become increasingly popular in the last 10 years, yet also show an acceptance for lack of security due to hardware constraints. The range of sophistication in IoT devices varies substantially depending on the functionality required, so security options need to be flexible. Manufacturers typically either use no security, or lean towards the use of the Advanced Encryption Standard (AES) with a 128-bit key. AES-128 is suitable for the higher end of that IoT device range, but is costly enough in terms of memory, time, and energy consumption that some devices opt to use no security. Short development and a strong drive to market also contribute to a lack in security. Recent work in lightweight cryptography has analyzed the suitability of custom protocols using AES as a comparative baseline. AES outperforms most custom protocols when looking at security, but those analyses fail to take into account block size and future capabilities such as quantum computers. This thesis analyzes lightweight cryptographic primitives that would be suitable for use in IoT devices, helping fill a gap for "good enough" security within the size, weight, and power (SWaP) constraints common to IoT devices. The primitives have not undergone comprehensive cryptanalysis and this thesis attempts to provide a preliminary analysis of confidentiality. The first is a single-stage residue number system (RNS) pseudorandom number generator (PRNG) that was shown in previous publications to produce strong outputs when analyzed with statistical tests like the NIST RNG test suite and DIEHARD. However, through analysis, an intelligent multi-stage conditional probability attack based on the pigeonhole principle was devised to reverse engineer the initial state (key) of a single-stage RNS PRNG. The reverse engineering algorithm is presented and used against an IoT-caliber device to showcase the ability of an attacker to retrieve the initial state. 
Following, defenses based on intentional noise, time hopping, and code hopping are proposed. Further computation and memory analysis show the proposed defenses are simple in implementation, but increase complexity for an attacker to the point where reverse engineering the PRNG is likely no longer viable. The next primitive proposed is a block cipher combination technique based on Galois Extension Field multiplication. Using any PRNG to produce the pseudorandom stream, the block cipher combination technique generates a variable sized key matrix to encrypt plaintext. Electronic Codebook (ECB) and Cipher Feedback (CFB) modes of operation are discussed. Both system modes are implemented in MATLAB as well as on a Texas Instruments (TI) MSP430FR5994 microcontroller for hardware validation. A series of statistical tests are then run against the simulation results to analyze overall randomness, including NIST and the Law of the Iterated Logarithm; the system passes both. The implementation on hardware is compared against a stream cipher variation and AES-128. The block cipher proposed outperforms AES-128 in terms of computation time and consumption for small block sizes. While not as secure, the cryptosystem is more scalable to block sizes used in IoT devices. / Master of Science / An Internet-of-Things (IoT) device is a single-purpose computer that operates with less computing resources and sometimes on battery power. The classification of IoT can range anywhere from motion sensors to a doorbell camera, but IoT devices are used in more than just home automation. The medical and industrial spaces use simple wireless computers for a number of tasks as well. One concern with IoT, given the hardware constraints, is the lack of security. Since messages are often transmitted through a wireless medium, anybody could eavesdrop on what is being communicated if data is not encrypted prior to transmission. 
Cryptography is the practice of taking any string of data and obfuscating it through a process that only valid parties can reverse. The sophistication of cryptographic systems has increased to the point where IoT manufacturers elect to use no security in many cases because the hardware is not advanced enough to run them efficiently. The Advanced Encryption Standard (AES) is usually the choice for security in the IoT space, but typically only higher-end devices can afford to use AES. This thesis focuses on alternative lightweight systems to AES. First, a single-stage residue number system (RNS) pseudorandom number generator (PRNG) is analyzed, which has been proven to generate statistically random outputs in previous publications. PRNGs are a cheap method of producing seemingly random outputs through an algorithm once provided with an initial state known as a seed. An intelligent attack on the PRNG is devised, which is able to reverse engineer the initial state, effectively breaking the random behavior. Three defenses against the attack are then implemented to protect against the reported vulnerability. Following, a block cipher combination technique is presented, using the aforementioned PRNG as the source of randomness. A block cipher is a method of encrypting large chunks of data together, to better obfuscate the output. Using a block cipher is more secure than just using a PRNG for encryption. However, PRNGs are used to generate the key for the proposed block cipher, as they offer a more efficient method of security. The combination technique presented serves to increase the security of PRNGs further. The cipher is shown to perform better on an IoT-caliber device in terms of computation time and energy consumption at smaller block sizes than AES.
5

Fractal dimension as an evaluation measure for pseudorandom number generators

Βενέτη, Αφροδίτη 06 November 2014
The quality of many results of modern research depends directly on the "quality" and quantity of the random numbers used. In particular, in fields such as stochastic modeling and simulation, deterministic random number generators, otherwise known as pseudorandom number generators, are preferred because of the reproducibility of their results and their portability. It is therefore useful to identify pseudorandom number generators whose results have increased apparent randomness. For this reason, this thesis proposes and examines the suitability of the fractal dimension for evaluating pseudorandom number generators (Pseudorandom Number Generators). The fractal dimension is a metric that can express the randomness of the results of a pseudorandom number generator, as it "quantifies" the distribution of the pseudorandom numbers in Euclidean space. In the first stage, an overview is given of the existing methodologies for generating random numbers as well as of the approaches for evaluating the performance of pseudorandom number generators. The established techniques applied to evaluate a generator focus on statistical characteristics that aim to measure how unpredictable its results are, or on characteristics such as the period of a generator. Next, the fractal dimension and the methods proposed in the literature for computing it are studied. At this stage, the appropriate method for computing the fractal dimension is selected. In the final, experimental stage, the results of measuring the fractal dimension are presented. The pseudorandom generators evaluated in the computational experiments were the Linear Congruential generator, the Blum-Blum-Shub generator, the generator based on the RSA cryptosystem and the generator based on the discrete logarithm problem. 
The computational experiments attempt to discover the performance of the examined generators as well as the sensitivity of their behavior to the generators' input parameters. / Scientific experimental results are highly dependent on the "quality" and quantity of random numbers used for these experiments. Especially in areas such as stochastic modeling and simulation, deterministic random number generators, known as pseudorandom number generators are preferred because of reproducibility of the results and their portability. Trying to identify pseudorandom number generators sequences which appear to be random, we examine the suitability of Fractal Dimension measurement for assessing Pseudorandom Number Generators. The established techniques that are used to evaluate a generator are focused on statistical features that are designed to detect correlations into generated pseudorandom number sequences. On the other hand, Fractal Dimension is a metric that can express the randomness of the results of a pseudorandom number generator as it "quantifies" the distribution of pseudorandom numbers in Euclidean space. We attempt to evaluate some Pseudorandom Number Generators, like classical Linear Congruential generator, Blum-Blum-Shub generator, the generator based on RSA cryptosystem and the generator based on the Discrete Logarithm problem. The computational experiments presented in our work attempt to assess the performance and the sensitivity of the examined generators.
6

Security for the cloud

Cornejo-Ramirez, Mario 17 November 2016
Cryptography has been a key factor in enabling the sale of services and commerce over the Internet. Cloud computing has amplified this revolution and has become a highly demanded service thanks to its advantages, such as significant computing power, low-cost services, performance, scalability, accessibility and availability. Alongside the rise of new businesses, protocols for secure computation have also emerged. The goal of this thesis is to contribute to the security of existing Internet protocols by providing an analysis of the source of randomness of these protocols and by introducing protocols better suited to cloud computing environments. We propose new constructions that improve the efficiency of current solutions in order to make them more accessible and practical. We provide a detailed security analysis for each scheme under reasonable assumptions. We study the security of cloud computing at different levels. On the one hand, we formalize a framework for analyzing some of the pseudorandom number generators popular today, which are used in almost every cryptographic application. On the other hand, we propose two efficient approaches for computation in the cloud. The first allows a user to publicly share a high-entropy secret with different servers and to recover it later by interacting with some of these servers using only a password and without authenticated data. The second allows a client to securely outsource a database to a server, which can later be searched and modified. / Cryptography has been a key factor in enabling services and products trading over the Internet. 
Cloud computing has expanded this revolution and it has become a highly demanded service or utility due to the advantages of high computing power, cheap cost of services, high performance, scalability, accessibility as well as availability. Along with the rise of new businesses, protocols for secure computation have as well emerged. The goal of this thesis is to contribute in the direction of securing existing Internet protocols by providing an analysis of the sources of randomness of these protocols and to introduce better protocols for cloud computing environments. We propose new constructions, improving the efficiency of current solutions in order to make them more accessible and practical. We provide a detailed security analysis for each scheme under reasonable assumptions. We study the security in a cloud computing environment in different levels. On one hand, we formalize a framework to study some popular real-life pseudorandom number generators used in almost every cryptographic application. On the other, we propose two efficient applications for cloud computing. The first allows a user to publicly share its high-entropy secret across different servers and to later recover it by interacting with some of these servers using only his password without requiring any authenticated data. The second, allows a client to securely outsource to a server an encrypted database that can be searched and modified later.
7

Genetic Algorithms and Scheduling

Škrabal, Ondřej January 2010
This work deals with scheduling problem in particular plastic production service. The solution is based on heuristic algorithms, programming languages C++, C# and is built on the .NET framework and LINQ to XML. It provides the users with comparisons of the heuristic approach with genetic algorithms applied to production problem. All methods results are compared in relation to hand-arranged plans.
