MODIFIED MCLAREN-MARSAGLIA PSEUDO- RANDOM NUMBER GENERATOR AND STOCHASTIC KEY AGREEMENT By RICHARD LLOYD CHURCHILL Bachelor of Science in Chemistry and Philosophy Oklahoma State University Stillwater, Oklahoma 1980 Submitted to the Faculty of the Graduate College of the Oklahoma State University in partial fulfillment of the requirements for the Degree of MASTER OF SCIENCE December, 2011 MODIFIED MCLAREN-MARSAGLIA PSEUDO- RANDOM NUMBER GENERATOR AND STOCHASTIC KEY AGREEMENT Thesis Approved: Dr. H. K. Dai Thesis Adviser Dr. John P. Chandler Dr. Douglas Heisterkamp Dr. Mark E. Payton Dean of the Graduate College ii TABLE OF CONTENTS Chapter Page I. INTRODUCTION ......................................................................................................1 Some Basics Regarding Cryptographic Systems and Their Goals ..........................1 Session Keys and Public Key Encryption ................................................................3 Bennett and Brassard Key Agreement and Continuing Research ...........................5 Issues and Goals in Cryptology and Randomness ...................................................8 Pseudo-Random Number Generators (PRNGs).......................................................9 Periodic Generators ................................................................................................10 Aperiodic Generators .............................................................................................11 Evaluating Generators ............................................................................................13 BSI AIS 20 .............................................................................................................13 FIPS Publication 140 .............................................................................................16 IEEE Standards 1363 .............................................................................................17 Other Test Software ...............................................................................................17 The Problem Addressed .........................................................................................19 Some Existing Alternatives Based Upon Mathematical Problems ........................20 Zero-Knowledge Proofs and Key Agreement Protocols .......................................28 II. A SURVEY OF STREAM CIPHERS ....................................................................33 Stream Ciphers .......................................................................................................37 Introduction to a Brief Survey of Modern Stream Ciphers....................................39 Vernam Ciphers and One-Time Pads ....................................................................40 Electro-Mechanical Ciphers...................................................................................44 Digital Stream Ciphers ...........................................................................................45 Linear-Feedback Shift Registers (LFSR)...............................................................46 Linear Complexity .................................................................................................48 LFSR Based Stream Ciphers .................................................................................50 Geffe Generator and Correlation ...........................................................................51 Pless Generator ......................................................................................................53 Jennings Generator.................................................................................................53 Stop-and-Go Generators ........................................................................................54 Decimating and Shrinking Generators ...................................................................55 Multispeed Inner-Product Generator .....................................................................56 Gollmann Cascade Generator ................................................................................56 Summation and Threshold Generators...................................................................57 Feedback with Carry Shift Registers (FCSR) ........................................................57 Nonlinear-Feedback Shift Registers (NFSR).........................................................59 A5 ...........................................................................................................................60 SEAL......................................................................................................................61 Scream....................................................................................................................62 iii WAKE....................................................................................................................62 Complexity-Theoretic Stream Ciphers ..................................................................63 Linear Congruential Generators .............................................................................64 III. MIXING AND MATCHING USING A MCLAREN-MARSAGLIA THEME ...66 The McLaren-Marsaglia Algorithm .......................................................................67 Cryptanalysis of McLaren-Marsaglia ....................................................................68 The Bays-Durham Generator .................................................................................72 Modifying McLaren-Marsaglia .............................................................................73 Bit-Selection ..........................................................................................................77 Some Cryptographic Considerations .....................................................................89 Further Modifications of the McLaren-Marsaglia Mechanism .............................93 Deterministic Aperiodicity.....................................................................................98 IV. KEY AGREEMENT ...........................................................................................105 Themes and Goals ................................................................................................105 The Basic Scheme: Walk-through .......................................................................108 The Basic Protocol A: Formal Description ..........................................................111 Observations Regarding Protocol A ....................................................................112 Section..................................................................................................................123 V. ANALYSIS AND CONCLUSION .....................................................................127 Apparent Randomness of the Produced Bit-Stream ............................................130 Confidentiality .....................................................................................................132 Brute Force Time Requirements ..........................................................................143 Using the χ Square Test .......................................................................................150 Meet-in-the-Middle ..............................................................................................151 Differential Cryptanalysis ....................................................................................156 Man in the Middle ................................................................................................157 Design Issues .......................................................................................................158 Performance Results ............................................................................................161 REFERENCES ..........................................................................................................164 APPENDICES ...........................................................................................................179 iv LIST OF TABLES Table Page Correlation in the Geffe generator ............................................................................51 Correlation and the XOR operation ..........................................................................52 Probability a value x is absent from V based on size of V and bits per entry ...........77 Growth of number of candidate input string pairs Assuming n bits of output and input strings of 2 n bits .............................................80 A slice through the state table in BitBlendOpt() .......................................................96 v LIST OF FIGURES Figure Page A Linear Feedback Shift Register .............................................................................46 Galois configuration of an LFSR ..............................................................................47 Example of a Feedback with Carry Shift Register (FCSR) ......................................58 Generalized structure of the aperiodic generators used ..........................................113 Injection of material from axr into PRNGs B and C ..............................................115 The relationship between b, rp and bxrp ................................................................116 Processing of bxrp to obtain m................................................................................117 Generation of bit string k from bit-string m, using gernator/PRNG D ...................121 Flow