An architecture for robust pseudo-random generation and applications to /dev/random
Authors
Abstract
We present a formal model and a simple architecture for robust pseudorandom generation that ensures resilience in the face of an observer with partial knowledge (or even partial control) of the generator's entropy source. Our model and architecture ensure the following properties:
• Resilience. The generator's output looks random to an observer with no knowledge of the internal state. This holds even if that observer has complete control over data that is used to refresh the internal state.
• Forward security. Past output of the generator looks random to an observer with no knowledge of the past internal state, even if it was later able to learn the internal state.
• Backward security/Break-in recovery. Future output of the generator looks random, even to an observer with knowledge of the current state, provided that the generator is refreshed with data of sufficient entropy.
Architectures such as the above were suggested before. This work differs from previous attempts in that we present a formal model for robust pseudo-random generation, and provide a formal proof within this model for the security of our architecture. To our knowledge, this is the first attempt at a rigorous model for this problem. Our formal modeling advocates the separation of the entropy extraction phase from the output generation phase. We argue that the former is information-theoretic in nature, and should therefore rely on combinatorial and statistical tools and not on cryptography. On the other hand, we show that the latter phase can be implemented using any standard (non-robust) cryptographic PRG (which in turn can theoretically be built from any one-way function). We also discuss the applicability of our architecture as a replacement for the current implementation of /dev/(u)random in Linux, and also examine using it as an architecture for pseudorandom generation on smartcards.
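The following is an added illustration of the two-phase architecture the abstract describes; it is example code written for this page, not the paper's own construction or the Linux implementation. The extraction phase is modelled by a seeded universal hash (h(x) = (a·x + b) mod p, truncated), chosen because its pairwise independence is a combinatorial property rather than a cryptographic assumption; the generation phase uses a PRG G: {0,1}^m → {0,1}^{2m} for which SHA-256 stands in as "any standard cryptographic PRG". The prime, the seed values, the 32-byte state size and the per-call input limit are all assumptions made for this example.

```python
import hashlib
import secrets

# Added example, not the paper's code. State size is an assumption for this demo.
STATE_BYTES = 32

# Phase 1: entropy extraction (information-theoretic). A seeded universal hash
# h_{a,b}(x) = (a*x + b) mod P, truncated to STATE_BYTES. P is the Mersenne
# prime 2^521 - 1, chosen here only because it is conveniently large.
P = 2**521 - 1
MAX_INPUT_BYTES = 32  # state (32 B) + input (32 B) = 512 bits < 521 bits, so x < P


def make_extractor_seed():
    """Public, fixed-for-life seed (a, b) of the universal hash family."""
    a = secrets.randbelow(P - 1) + 1
    b = secrets.randbelow(P)
    return (a, b)


def extract(seed, data: bytes) -> bytes:
    """Map `data` (at most 64 bytes, so it is below P) to a STATE_BYTES string."""
    if len(data) > STATE_BYTES + MAX_INPUT_BYTES:
        raise ValueError("input too long for this toy extractor")
    a, b = seed
    x = int.from_bytes(data, "big")
    y = (a * x + b) % P
    # Truncation to the low STATE_BYTES keeps the output close to uniform when the
    # input carries enough entropy (leftover hash lemma); no crypto assumption used.
    return (y & ((1 << (8 * STATE_BYTES)) - 1)).to_bytes(STATE_BYTES, "big")


# Phase 2: output generation (computational). G(s) -> (new state, output).
# SHA-256 with domain separation plays the role of a generic PRG here; this is a
# modelling assumption for the example, in the spirit of "any standard PRG".
def prg(state: bytes):
    new_state = hashlib.sha256(b"state|" + state).digest()
    output = hashlib.sha256(b"output|" + state).digest()
    return new_state, output


class RobustPRG:
    """refresh() feeds entropy through the extractor; next() runs the PRG."""

    def __init__(self, seed):
        self.seed = seed
        # All-zero initial state: an observer knows it until a refresh with
        # sufficient entropy arrives (the break-in recovery scenario).
        self.state = bytes(STATE_BYTES)

    def refresh(self, data: bytes) -> None:
        if len(data) > MAX_INPUT_BYTES:
            raise ValueError("refresh input exceeds the toy extractor's limit")
        # New state depends on old state AND fresh input: attacker-chosen input
        # cannot reduce entropy already in the state (resilience).
        self.state = extract(self.seed, self.state + data)

    def next(self) -> bytes:
        # The old state is overwritten with G's first half; learning the new
        # state does not reveal past outputs (forward security).
        self.state, out = prg(self.state)
        return out


if __name__ == "__main__":
    seed = make_extractor_seed()
    gen = RobustPRG(seed)
    gen.refresh(b"constructed entropy sample")  # would come from device noise
    print(gen.next().hex())
    print(gen.next().hex())
```

The two phases never share machinery: `extract` must only be judged by how close its output is to uniform given the input's min-entropy, while `prg` must only be judged by standard PRG indistinguishability, which is exactly the separation the abstract argues for. A real deployment would replace the toy universal hash with an extractor that accepts arbitrary-length input and the SHA-256 stand-in with a vetted PRG.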
Similar references
A model and Architecture for Pseudo-Random Generation and Applications to /dev/random
We present a formal model and a simple architecture for robust pseudorandom generation that ensures resilience in the face of an observer with partial knowledge/control of the generator’s entropy source. Our model and architecture have the following properties: • Resilience. The generator’s output looks random to an observer with no knowledge of the internal state. This holds even if that obser...
Design and Analysis of /dev/random, a Pseudorandom Number Generator
The ability to produce random numbers is an important aspect of many cryptographic applications. This document examines a method of constructing an algorithm that behaves in a non-deterministic manner in order to produce unpredictable outputs. Specifically, this paper examines the design of the pseudo random number generator /dev/random. 1 PRNG’s and the importance of randomness In many cryptog...
Galois Rings and Pseudo-random Sequences
We survey our constructions of pseudo random sequences (binary, Z8, Z2l ,. . . ) from Galois rings. Techniques include a local Weil bound for character sums, and several kinds of Fourier transform. Applications range from cryptography (boolean functions, key generation), to communications (multi-code CDMA), to signal processing (PAPR reduction).
Design and optimization of poly lactic acid/bioglass composite screw for orthopedic applications
However, problems such as osteoporosis due to high elasticity of metals relative to bones, and local infections and systemic problems caused by releasing metallic ions have motivated research on replacing metallic screws with non metallic ones. In this study, the composite containing poly-l-lactic acid and bioactive glass fibers were considered for the design of the screw using ABAQUS software ...
Security Analysis of Pseudo-Random Number Generators
A pseudo-random number generator (PRNG) is a deterministic algorithm that produces numbers whose distribution is indistinguishable from uniform. A formal security model for PRNGs with input was proposed in 2005 by Barak and Halevi (BH). This model involves an internal state that is refreshed with a (potentially biased) external random source, and a cryptographic function that outputs random num...