DOCSLIB.ORG

An Enhanced Practical Difficulty of One-Time Pad Algorithm Resolving the Key Management and Distribution Problem

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
An Enhanced Practical Difficulty of One-Time Pad Algorithm Resolving the Key Management and Distribution Problem Proceedings of the International MultiConference of Engineers and Computer Scientists 2018 Vol I IMECS 2018, March 14-16, 2018, Hong Kong An Enhanced Practical Difficulty of One-Time Pad Algorithm Resolving the Key Management and Distribution Problem Abiodun Esther Omolara 1, Aman Jantan 2, Oludare Isaac Abiodun3, Humaira Arshad4 adversaries. Cryptographic encryption schemes prevent a Abstract— Information theory and cryptography recognize third party from understanding the transmitted raw data over 'One-Time Pads' as 'Perfect Secrecy' in theory, however, until the unsecured channel during signal transmission. today, they have remained impractical to use because of its key In this paper, a new method to enhance OTP data encryption management and key distribution problems, particularly in by introducing diffusion into the system and a simple having to generate and send a new key each time you need to randomized form of steganography have been adopted. transmit a message. When a key is used more than once in the One-Time Pad encryption scheme, it becomes vulnerable to a This will completely mask any potential and statistical pattern analysis attack (known-Plaintext attack). For this relationship between the Plaintext and Ciphertext. reason, the same key must not be used more than once.This problem can be resolved by modifying the algorithm and II. PROBLEM DEFINITION enhancing the key so that any statistical relationship between In information theory and cryptography, a term called the plaintext and ciphertext will be completely concealed. The “One-time pad (OTP)” – is an encryption technique methodology employed was a combination of some whereby a key can only be used once as a secret for cryptographic primitives to introduce diffusion into the system message. In this and a simple randomized form of steganography to hide where scheme, a random key that is equal in length to the plaintext the encryption begins. The performance of the proposed message to be encrypted with no repetition is used. The scheme was evaluated against the One-Time Pad when the plaintext character is exclusive-or bitwise with the key, to pads were used more than once and a cryptanalysis was performed on both schemes. The result indicates that the produce Ciphertext output. Mathematically, the one-time enhanced OTP algorithm was suitable to allow the same key pad can be expressed as; for limitless use of encrypting different Plaintext without C = P⊕K, where P = Plaintext, ⊕ = Exclusive-Or, K = revealing any pattern. This will solve the key Key, and C = Ciphertext management/distribution problem of having to send a new key everytime a message is to be transmitted and this allows the The Exclusive-Or is denoted by XOR and represented with One-Time Pad scheme practical and allows the same key the symbol ⊕. Decryption simply involves the same bitwise generated during encryption to be reusable on other Plaintext Exclusive-or operation. The main risk of the scheme lies as many times as desired. with the pad/key used.Over the years this technique has remained impractical to use because of its key management Index Terms— Cryptography, Cipher, Confusion, Diffusion, One-Time Pad, Security, Crib-Dragging, Cryptanalysis and key distribution problems, especially having to generate and send a new key each time one needs to transmit a message. The feasible problem here is that of the new key I. INTRODUCTION that must be sent always alongside with the message because the key itself is long as the message. Also, the redundancy of English languages, along with ASCII HE need to secure messages to keep secrecy has been encoding lends itself to statistical tools that allow for the T realization of these messages (Belakang, 1991) [1]. growing rapidly over the past decades due to increasing This problem exists for a long time probably because the level of education and information among the people and concepts of cryptography often embraces novel concepts lack of trust from the third party who may happen to reveal and technologies that require a test of time in practice unless the content or make use of it for their own advantage. proven unsafe. With the emergence of standard ciphers like Breach of security and mismanagement of confidential data RSA, DES, Triple DES, AES many people decided not to intercepted by unauthorized parties are key problems which bother themselves about ciphers like One-Time Pad even information security tries to resolve. Cryptography is the though it was the only cipher proven to be computationally field of information science that has to do with disguising secured unlike the standard ciphers that are not proven to be message for secure communication in the presence of computationally secured but only believed to be hard to break based on their constructions of using hard Corresponding author: [email protected], [email protected], mathematical problems and based on failure of existing [email protected], [email protected] attempts to cryptanalyze them. Also, the dependency of the [email protected] Universiti Sains Malaysia1,2,3,4, Islamic University pad entropy of OTP is high which makes reusing of the pad of Bahawalpur Pakistan4. This research was partially supported by the Fundamental Research Grant Scheme (FRGS) for ‘‘content-based analysis to be unsafe. Furthermore, the One-Time Pad has framework for better email forensic and cyber investigation’’ bottlenecks in CPU, RAM, disk I/O and key material [203/PKOMP/6711426], SFRG Lab, School of Computer Sciences, USM. consumption. Penang, 11800, Malaysia. ISBN: 978-988-14047-8-7 IMECS 2018 ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online) Proceedings of the International MultiConference of Engineers and Computer Scientists 2018 Vol I IMECS 2018, March 14-16, 2018, Hong Kong The problem is that to get optimal and perfect secrecy, Key randomness in cryptographic computations generates only a must be truly random, that is a perfect random number. pseudo-random bit string. This combined with the issue of Random number generation is an important primitive in key distribution prevents unconditional or perfect secrecy many cryptographic mechanisms. For example, keys for (Upadhyay, G., & Nene, M. J. 2016) [4]. Key must be used encryption transformations need to be generated in a manner once, any two-time use of key will render ciphertext which is unpredictable to an adversary. Generating a completely unsecured. A known-Plaintext attack is the key random key typically involves the selection of random challenge faced when the key is used more than once. numbers or bit sequences. Random number generation Example: If the same key K is used to send two messages presents challenging issues (Stallings, W. 2011) [2]. C1 and C2; then plaintext P1 and P2 can be recovered by an Perfect secrecy is the notion that, given an encrypted eavesdropper. This is referred to as a known-Plaintext message (or ciphertext) from a perfectly secure encryption attack. This is illustrated as follow: system (or cipher), absolutely nothing will be revealed about the unencrypted message (or plaintext) by the C1 = P1 ⊕ K ciphertext. Perfect Secrecy: Claude Elwood Shannon C2 = P2 ⊕ K (Information- Theoretic, 1916) [3]. Security basic idea was C1 ⊕ C2 = (P1 ⊕ K) ⊕ (P2 ⊕ K) that Ciphertext should provide no “information” about C1 ⊕ C2 = P1 ⊕ P2 Plaintext but have several equivalent formulations: C1 ⊕ C2 = P1, P2 (i) Considered two random variables M and C as an where, independent. (ii) Then observing what values C takes does not C1 = Ciphertext 1, C2 = Ciphertext 2, P1 = Plaintext 1, P2 = Plaintext 2 and K = Key change what one believes the distribution M is (iii) Knowing what is the value of M does not change If the same keys are used to send this two messages via an the distribution of C. open channel and the eavesdropper was able to intercept C1 (iv) The encrypting two different messages m0 and m1 and C2, that is both Ciphertexts, the key K cancels out, then result in the same distribution. he can easily compute the XOR of C1 and C2 and arrive at Perfect security means that for an encryption algorithm if P1, P2. A good pattern analysis or crib dragging (which will there is ciphertext produced that uses it, no information be shown in this paper) will help the eavesdropper reach about the plaintext is provided without knowledge of either or both the Plaintexts. This is a major weak point of the key. If E is a perfectly secure encryption function, for OTP and this is because there is enough redundancy in any fixed message m, there must be, for each ciphertext c, at English and ASCII encoding. least one key k such that C = Ek(m). It has been proved that Cryptology continues to co-evolve with communication and any cipher with the perfect secrecy property must use keys computing technologies. Prior technological breakthroughs, with effectively the same requirements as one-time pad such as the electro-mechanical devices, telegraph, radio, and keys. personal computers compelled cryptography to replace Figure 1 presents a sample of encryption and decryption broken or weak ciphers. Every security expert worries about processes. security problems and tries to find out the secure solution. Because it is a challenging aspect of communications today which touches many spheres including memory space, processing speed, code development and maintenance issues (Miyano, T., & Cho, K. 2016) [5]. Nowadays, memory and processing power are inexpensive and abundant. Capable mathematicians and technologists are highly motivated in their attempts to break encryption; Lock Ciphertext Unlock they are succeeding. They have devised many attacks such as, man-in-the-middle, statistical, side channel attacks, and A many more (Belakang, a L. 1991) [6], for this reason, we Encryption Decryption B must continue to enhance our ciphers and create new ones that can defeat every form of attacks emerging with technology.
Load more

Recommended publications
  • Sensor-Seeded Cryptographically Secure Random Number Generation
    International Journal of Recent Technology and Engineering (IJRTE) ISSN: 2277-3878, Volume-8 Issue-3, September 2019 Sensor-Seeded Cryptographically Secure Random Number Generation K.Sathya, J.Premalatha, Vani Rajasekar Abstract: Random numbers are essential to generate secret keys, AES can be executed in various modes like Cipher initialization vector, one-time pads, sequence number for packets Block Chaining (CBC), Cipher Feedback (CFB), Output in network and many other applications. Though there are many Feedback (OFB), and Counter (CTR). Pseudo Random Number Generators available they are not suitable for highly secure applications that require high quality randomness. This paper proposes a cryptographically secure II. PRNG IMPLEMENTATIONS pseudorandom number generator with its entropy source from PRNG requires the seed value to be fed to a sensor housed on mobile devices. The sensor data are processed deterministic algorithm. Many deterministic algorithms are in 3-step approach to generate random sequence which in turn proposed, some of widely used algorithms are fed to Advanced Encryption Standard algorithm as random key to generate cryptographically secure random numbers. Blum-Blum-Shub algorithm uses where X0 is seed value and M =pq, p and q are prime. Keywords: Sensor-based random number, cryptographically Linear congruential Generator uses secure, AES, 3-step approach, random key where is the seed value. Mersenne Prime Twister uses range of , I. INTRODUCTION where that outputs sequence of 32-bit random Information security algorithms aim to ensure the numbers. confidentiality, integrity and availability of data that is transmitted along the path from sender to receiver. All the III. SENSOR-SEEDED PRNG security mechanisms like encryption, hashing, signature rely Some of PRNGs uses clock pulse of computer system on random numbers in generating secret keys, one time as seeds.
    [Show full text]
  • A Secure Authentication System- Using Enhanced One Time Pad Technique
    IJCSNS International Journal of Computer Science and Network Security, VOL.11 No.2, February 2011 11 A Secure Authentication System- Using Enhanced One Time Pad Technique Raman Kumar1, Roma Jindal 2, Abhinav Gupta3, Sagar Bhalla4 and Harshit Arora 5 1,2,3,4,5 Department of Computer Science and Engineering, 1,2,3,4,5 D A V Institute of Engineering and Technology, Jalandhar, Punjab, India. Summary the various weaknesses associated with a password have With the upcoming technologies available for hacking, there is a come to surface. It is always possible for people other than need to provide users with a secure environment that protect their the authenticated user to posses its knowledge at the same resources against unauthorized access by enforcing control time. Password thefts can and do happen on a regular basis, mechanisms. To counteract the increasing threat, enhanced one so there is a need to protect them. Rather than using some time pad technique has been introduced. It generally random set of alphabets and special characters as the encapsulates the enhanced one time pad based protocol and provides client a completely unique and secured authentication passwords we need something new and something tool to work on. This paper however proposes a hypothesis unconventional to ensure safety. At the same time we need regarding the use of enhanced one time pad based protocol and is to make sure that it is easy to be remembered by you as a comprehensive study on the subject of using enhanced one time well as difficult enough to be hacked by someone else.
    [Show full text]
  • A Note on Random Number Generation
    A note on random number generation Christophe Dutang and Diethelm Wuertz September 2009 1 1 INTRODUCTION 2 \Nothing in Nature is random. number generation. By \random numbers", we a thing appears random only through mean random variates of the uniform U(0; 1) the incompleteness of our knowledge." distribution. More complex distributions can Spinoza, Ethics I1. be generated with uniform variates and rejection or inversion methods. Pseudo random number generation aims to seem random whereas quasi random number generation aims to be determin- istic but well equidistributed. 1 Introduction Those familiars with algorithms such as linear congruential generation, Mersenne-Twister type algorithms, and low discrepancy sequences should Random simulation has long been a very popular go directly to the next section. and well studied field of mathematics. There exists a wide range of applications in biology, finance, insurance, physics and many others. So 2.1 Pseudo random generation simulations of random numbers are crucial. In this note, we describe the most random number algorithms At the beginning of the nineties, there was no state-of-the-art algorithms to generate pseudo Let us recall the only things, that are truly ran- random numbers. And the article of Park & dom, are the measurement of physical phenomena Miller (1988) entitled Random generators: good such as thermal noises of semiconductor chips or ones are hard to find is a clear proof. radioactive sources2. Despite this fact, most users thought the rand The only way to simulate some randomness function they used was good, because of a short on computers are carried out by deterministic period and a term to term dependence.
    [Show full text]
  • Cryptanalysis of the Random Number Generator of the Windows Operating System
    Cryptanalysis of the Random Number Generator of the Windows Operating System Leo Dorrendorf School of Engineering and Computer Science The Hebrew University of Jerusalem 91904 Jerusalem, Israel [email protected] Zvi Gutterman Benny Pinkas¤ School of Engineering and Computer Science Department of Computer Science The Hebrew University of Jerusalem University of Haifa 91904 Jerusalem, Israel 31905 Haifa, Israel [email protected] [email protected] November 4, 2007 Abstract The pseudo-random number generator (PRNG) used by the Windows operating system is the most commonly used PRNG. The pseudo-randomness of the output of this generator is crucial for the security of almost any application running in Windows. Nevertheless, its exact algorithm was never published. We examined the binary code of a distribution of Windows 2000, which is still the second most popular operating system after Windows XP. (This investigation was done without any help from Microsoft.) We reconstructed, for the ¯rst time, the algorithm used by the pseudo- random number generator (namely, the function CryptGenRandom). We analyzed the security of the algorithm and found a non-trivial attack: given the internal state of the generator, the previous state can be computed in O(223) work (this is an attack on the forward-security of the generator, an O(1) attack on backward security is trivial). The attack on forward-security demonstrates that the design of the generator is flawed, since it is well known how to prevent such attacks. We also analyzed the way in which the generator is run by the operating system, and found that it ampli¯es the e®ect of the attacks: The generator is run in user mode rather than in kernel mode, and therefore it is easy to access its state even without administrator privileges.
    [Show full text]
  • Random Number Generation Using MSP430™ Mcus (Rev. A)
    Application Report SLAA338A–October 2006–Revised May 2018 Random Number Generation Using MSP430™ MCUs ......................................................................................................................... MSP430Applications ABSTRACT Many applications require the generation of random numbers. These random numbers are useful for applications such as communication protocols, cryptography, and device individualization. Generating random numbers often requires the use of expensive dedicated hardware. Using the two independent clocks available on the MSP430F2xx family of devices, software can generate random numbers without such hardware. Source files for the software described in this application report can be downloaded from http://www.ti.com/lit/zip/slaa338. Contents 1 Introduction ................................................................................................................... 1 2 Setup .......................................................................................................................... 1 3 Adding Randomness ........................................................................................................ 2 4 Usage ......................................................................................................................... 2 5 Overview ...................................................................................................................... 2 6 Testing for Randomness...................................................................................................
    [Show full text]
  • Original Paper Written & Signed by William F
    / I / I p. I I _., • CRYPTOGRAPHIC EQUIP~lliNT FOR EITHER -SINGLE-ORIGINATOR OR MULTI-ORIGINATOR COMMUNICATION 1. a. Progress in the cryptologic field-during the.past fevT yea.,:s has .led to a basic change in cryptologic philosophy, a change Which has already oeen recognized by and is of im.,­ portant interest to the ASA. b. The t1~ust vrhich 'has heretofore been placed in the ordinary types of crypto-systems, the solution of which depends upon, or is directly or indirectly correlated with, the number of tests that have to be made to exhaust a multiplicity of , / hypotheses based upon keying possibilities, is daily decreasing. The beginning of this decreasing confidence i~ the degree of cryptographic security potentially offered by a vast number of permutations and combinations available of keying possibilities can be traced back to the advent of the application of ~abu~ lating machinery to the solution of cryptanalytic problems. _ Later, when specially designed cryptanalytic machines employ- ing electrical relays came to be constructed and applied, success­ fully to these problems, a real blow was struck at our former concepts of cryptographi·c security. And, now, the assurance that electronic cryptanalytic machinery can be a·pplied to ~?Peed up the solution 9f complex cryptographic systems is tend­ ing· slm1ly to undermine what faith was left in the systems or crypto-mechanisms currently considered as being the best there are, those using rotors with complicated stepping controls .. , ·· . c.- To sum this up, it can be said that, save for orie exception, cryptologic theory and practice during the past 'quar,ter of a c~ntury serves only to corroborat.E? the theoretical validity of·the century-old dictum first enunciated by Edgar Allan Poe: "Yet it may be r·oundly asserted that ht1.man ingenuity cannot concoct a cipher which human ingenuity cannot solve.11 2.
    [Show full text]
  • (Pseudo) Random Number Generation for Cryptography
    Thèse de Doctorat présentée à L’ÉCOLE POLYTECHNIQUE pour obtenir le titre de DOCTEUR EN SCIENCES Spécialité Informatique soutenue le 18 mai 2009 par Andrea Röck Quantifying Studies of (Pseudo) Random Number Generation for Cryptography. Jury Rapporteurs Thierry Berger Université de Limoges, France Andrew Klapper University of Kentucky, USA Directeur de Thèse Nicolas Sendrier INRIA Paris-Rocquencourt, équipe-projet SECRET, France Examinateurs Philippe Flajolet INRIA Paris-Rocquencourt, équipe-projet ALGORITHMS, France Peter Hellekalek Universität Salzburg, Austria Philippe Jacquet École Polytechnique, France Kaisa Nyberg Helsinki University of Technology, Finland Acknowledgement It would not have been possible to finish this PhD thesis without the help of many people. First, I would like to thank Prof. Peter Hellekalek for introducing me to the very rich topic of cryptography. Next, I express my gratitude towards Nicolas Sendrier for being my supervisor during my PhD at Inria Paris-Rocquencourt. He gave me an interesting topic to start, encouraged me to extend my research to the subject of stream ciphers and supported me in all my decisions. A special thanks also to Cédric Lauradoux who pushed me when it was necessary. I’m very grateful to Anne Canteaut, which had always an open ear for my questions about stream ciphers or any other topic. The valuable discussions with Philippe Flajolet about the analysis of random functions are greatly appreciated. Especially, I want to express my gratitude towards my two reviewers, Thierry Berger and Andrew Klapper, which gave me precious comments and remarks. I’m grateful to Kaisa Nyberg for joining my jury and for receiving me next year in Helsinki.
    [Show full text]
  • Random-Number Functions
    Title stata.com Random-number functions Contents Functions Remarks and examples Methods and formulas Acknowledgments References Also see Contents rbeta(a,b) beta(a,b) random variates, where a and b are the beta distribution shape parameters rbinomial(n,p) binomial(n,p) random variates, where n is the number of trials and p is the success probability rcauchy(a,b) Cauchy(a,b) random variates, where a is the location parameter and b is the scale parameter rchi2(df) χ2, with df degrees of freedom, random variates rexponential(b) exponential random variates with scale b rgamma(a,b) gamma(a,b) random variates, where a is the gamma shape parameter and b is the scale parameter rhypergeometric(N,K,n) hypergeometric random variates rigaussian(m,a) inverse Gaussian random variates with mean m and shape param- eter a rlaplace(m,b) Laplace(m,b) random variates with mean m and scale parameter b p rlogistic() logistic variates with mean 0 and standard deviation π= 3 p rlogistic(s) logistic variates with mean 0, scale s, and standard deviation sπ= 3 rlogistic(m,s) logisticp variates with mean m, scale s, and standard deviation sπ= 3 rnbinomial(n,p) negative binomial random variates rnormal() standard normal (Gaussian) random variates, that is, variates from a normal distribution with a mean of 0 and a standard deviation of 1 rnormal(m) normal(m,1) (Gaussian) random variates, where m is the mean and the standard deviation is 1 rnormal(m,s) normal(m,s) (Gaussian) random variates, where m is the mean and s is the standard deviation rpoisson(m) Poisson(m)
    [Show full text]
  • A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications
    Special Publication 800-22 Revision 1a A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications AndrewRukhin,JuanSoto,JamesNechvatal,Miles Smid,ElaineBarker,Stefan Leigh,MarkLevenson,Mark Vangel,DavidBanks,AlanHeckert,JamesDray,SanVo Revised:April2010 LawrenceE BasshamIII A Statistical Test Suite for Random and Pseudorandom Number Generators for NIST Special Publication 800-22 Revision 1a Cryptographic Applications 1 2 Andrew Rukhin , Juan Soto , James 2 2 Nechvatal , Miles Smid , Elaine 2 1 Barker , Stefan Leigh , Mark 1 1 Levenson , Mark Vangel , David 1 1 2 Banks , Alan Heckert , James Dray , 2 San Vo Revised: April 2010 2 Lawrence E Bassham III C O M P U T E R S E C U R I T Y 1 Statistical Engineering Division 2 Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 Revised: April 2010 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Patrick Gallagher, Director A STATISTICAL TEST SUITE FOR RANDOM AND PSEUDORANDOM NUMBER GENERATORS FOR CRYPTOGRAPHIC APPLICATIONS Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems.
    [Show full text]
  • (U) a History of Secure Voice Codin~: Insights Drawn from the Career of One of Tile Earliest Practitioners of the Art of Speech Coding JOSEPH P
    DOCID: 3860926 UNCLASSIFIED Cryptologic Quarter1y (U) A History of Secure Voice Codin~: Insights Drawn from the Career of One of tile Earliest Practitioners of the Art of Speech Coding JOSEPH P. CAMPBELL, JR., and RICHARD A. DEAN Editor's Note: This artrde Is basecl on one publlshecl In Dlgittl Signal Processing, July 1993, wfth permission ofthe authors. The history of speech coding is closely tied to tion of PCM. A "Buzz" /"Hiss" generator was used the career of Tom Tremain. He joined the as an exciter for the vocoder corresponding to the National Security Agency i~ 1959 as an Air Force voiced/unvoiced attribute of each 20-ms speech lieutenant assigned to duty at the Agency. Llttle segment. Balance of the "Buzz" /"Hiss" generator, did he know then that this assignment would or voicing, represented a major factor in the qual­ shape his career as well as' the future of speech ity of the speech. Early practitioners of speech coding. 1 coders, like Tom, can still be found today speak­ I . ing"Aaahhh" /"Sshhhhh" into voice coders to test Thomas E. Tremain was the U.S. govern- this balance. ment's senior speech scientist. He was a recog­ nized leader and an expert in speech science. From the time of SIGSALY until Tom arrived 1 Tom's work spanned five dife3des of state-of-the- at NSA, several generations of voice coders had art modem and speech co<;Iing innovations that been developed in conjunction with Bell Labs. are the basis of virtually e~ery U.S. and NATO The K0-6 voice coder, developed in 1949 and modem and speech coding standard.
    [Show full text]
  • Random.Org: Introduction to Randomness and Random Numbers
    random.org: Introduction to Randomness and Random Numbers Mads Haahr June 1999* Background Oh, many a shaft at random sent Finds mark the archer little meant! And many a word at random spoken May soothe, or wound, a heart that's broken!" | Sir Walter Scott Randomness and random numbers have traditionally been used for a variety of purposes, for ex- ample games such as dice games. With the advent of computers, people recognized the need for a means of introducing randomness into a computer program. Surprising as it may seem, however, it is difficult to get a computer to do something by chance. A computer running a program follows its instructions blindly and is therefore completely predictable. Computer engineers chose to introduce randomness into computers in the form of pseudo- random number generators. As the name suggests, pseudo-random numbers are not truly random. Rather, they are computed from a mathematical formula or simply taken from a precalculated list. A lot of research has gone into pseudo-random number theory and modern algorithms for generating them are so good that the numbers look exactly like they were really random. Pseudo- random numbers have the characteristic that they are predictable, meaning they can be predicted if you know where in the sequence the first number is taken from. For some purposes, predictability is a good characteristic, for others it is not. Random numbers are used for computer games but they are also used on a more serious scale for the generation of cryptographic keys and for some classes of scientific experiments.
    [Show full text]
  • The Intel Random Number Generator
    ® THE INTEL RANDOM NUMBER GENERATOR CRYPTOGRAPHY RESEARCH, INC. WHITE PAPER PREPARED FOR INTEL CORPORATION Benjamin Jun and Paul Kocher April 22, 1999 Information in this white paper is provided without guarantee or warranty of any kind. This review represents the opinions of Cryptography Research and may or may not reflect opinions of Intel Corporation. Characteristics of the Intel RNG may vary with design or process changes. © 1999 by Cryptography Research, Inc. and Intel Corporation. 1. Introduction n = − H K∑ pi log pi , Good cryptography requires good random i=1 numbers. This paper evaluates the hardware- where pi is the probability of state i out of n based Intel Random Number Generator (RNG) possible states and K is an optional constant to for use in cryptographic applications. 1 provide units (e.g., log(2) bit). In the case of a Almost all cryptographic protocols require random number generator that produces a k-bit the generation and use of secret values that must binary result, pi is the probability that an output be unknown to attackers. For example, random will equal i, where 0 ≤ i < 2k . Thus, for a number generators are required to generate -k perfect random number generator, pi = 2 and public/private keypairs for asymmetric (public the entropy of the output is equal to k bits. This key) algorithms including RSA, DSA, and means that all possible outcomes are equally Diffie-Hellman. Keys for symmetric and hybrid (un)likely, and on average the information cryptosystems are also generated randomly. present in the output cannot be represented in a RNGs are also used to create challenges, nonces sequence shorter than k bits.
    [Show full text]