Information And Data Security Pseudorandom Number Generation and Stream Cipher seminar
Mustansiriya University
Department of Education
Computer Science
3. A random number is a number generated by a process whose outcome is unpredictable and which cannot subsequently be reliably reproduced.
Random numbers play an important role in the use of encryption for various network security applications.
Two Types of Random Numbers
Pseudorandom numbers are numbers that appear random, but are obtained in a deterministic, repeatable, and predictable manner.
True random numbers are generated in non-deterministic ways. They are not predictable and they are not repeatable.
4. Uses of random numbers in cryptography:
1- Key distribution and reciprocal authentication schemes
2- Session key generation. A session key is a secret key for symmetric encryption, generated for use for a short period of time.
3- Generation of keys for the RSA public-key encryption algorithm
4- Generation of a bit stream for symmetric stream encryption
These applications give two distinct requirements: randomness and unpredictability.
5. Two criteria are used to validate that a sequence of numbers is random:
1. Uniform distribution: the distribution of bits in the sequence should be uniform, i.e. the frequencies of occurrence of 1 and 0 should be approximately equal.
2. Independence: no subsequence in the sequence can be inferred from the others.
UNPREDICTABILITY
It should be hard to predict the next value in the sequence.
6. 1- True Random Number Generators
The best source is natural randomness in the real world.
A TRNG uses a nondeterministic source to produce randomness.
An entropy source is the source of that randomness in the physical environment of the computer; it could include things such as disk electrical activity, mouse movements, and instantaneous values of the system clock.
A TRNG produces randomness by measuring unpredictable natural processes, such as pulse detectors of ionizing radiation events, gas discharge tubes, and leaky capacitors.
7. Lavarand is an open source project for creating truly random numbers using inexpensive cameras, open source code, and inexpensive hardware.
A TRNG may simply involve conversion of an analog source to a binary output.
Problems of bias or uneven distribution in the signal have to be compensated for when sampling, often by passing the bits through a hash function.
It is best to use only a few of the noisiest bits from each sample.
RFC 4086 recommends using multiple sources of randomness on a computer, combined with a hash function, to generate true random output; possible sources are:
Sound/video input
Disk drives
8. Deskewing: methods of modifying a bit stream to reduce or eliminate the bias have been developed.
One approach to deskewing is to pass the bit stream through a hash function, such as MD5 or SHA-1.
There is also an online service (random.org), which can deliver random sequences securely over the Internet.
Operating systems provide a built-in mechanism for generating random numbers. For example, Linux uses four entropy sources: mouse and keyboard activity, disk I/O operations, and specific interrupts.
9. 2- Pseudorandom Number Generators
A PRNG is an algorithm that is used to produce an open-ended sequence of bits.
Deterministic algorithms calculate numbers in a "relatively random" sequence.
The seed is the algorithm input.
It produces a continuous stream of random bits.
Pseudorandom Function
Used to produce a pseudorandom string of bits of some fixed length.
Takes as input a seed plus some context-specific values, such as a user ID or an application ID.
11. It is hard to determine the pseudorandom stream if the seed is not known (even when the algorithm is known).
1- RANDOMNESS
A. Uniformity: the occurrence of a zero or a one is equally likely; the expected number of each is n/2, where n is the sequence length.
B. Scalability: any test applicable to a sequence can also be applied to subsequences extracted at random.
C. Consistency: the behavior of a generator must be consistent.
We have three tests:
1- Frequency test
2- Runs test
3- Maurer's universal statistical test: detects whether or not the sequence can be significantly compressed without loss of information.
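The frequency (monobit) test and the runs test listed above, implemented as an added Python example (not part of the seminar), following the NIST SP 800-22 formulas; the short bit strings in the test are the worked examples from that document, and the 100-bit strings are constructed to show a sequence that passes the frequency test but fails the runs test.

```python
import math


def frequency_test(bits: str) -> float:
    """NIST SP 800-22 monobit test: are 0s and 1s equally frequent?
    Returns the p-value; the sequence passes if p >= 0.01."""
    n = len(bits)
    s = sum(1 if b == "1" else -1 for b in bits)   # +1 per '1', -1 per '0'
    s_obs = abs(s) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def runs_test(bits: str) -> float:
    """NIST SP 800-22 runs test: is the number of runs (maximal blocks of
    identical bits) what an independent sequence would produce?
    Returns the p-value, or 0.0 if the frequency prerequisite fails."""
    n = len(bits)
    pi = bits.count("1") / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):          # too biased to apply the test
        return 0.0
    v_obs = 1 + sum(1 for k in range(n - 1) if bits[k] != bits[k + 1])
    num = abs(v_obs - 2 * n * pi * (1 - pi))
    den = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(num / den)


def looks_random(bits: str, alpha: float = 0.01) -> bool:
    """Both tests must pass: balance alone (e.g. 0101...) is not enough."""
    return frequency_test(bits) >= alpha and runs_test(bits) >= alpha
```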
12. 2- UNPREDICTABILITY
A. Forward unpredictability
B. Backward unpredictability
3- SEED REQUIREMENTS
For cryptographic applications, the seed that serves as input to the PRNG must be secure, because the PRNG is a deterministic algorithm.
The seed is generated by a TRNG.
14. Two categories of PRNG algorithms:
Purpose-built algorithms: these are algorithms designed specifically and only for the purpose of generating pseudorandom bit streams.
Algorithms based on existing cryptographic algorithms: cryptographic algorithms have the effect of randomizing input.
Three broad categories of cryptographic algorithms are commonly used to create PRNGs:
- Symmetric block ciphers.
- Asymmetric ciphers.
- Hash functions and message authentication codes.
15. 1- Linear Congruential Generator (LCG)
Most commonly used for generating random integers; it generates the next random integer from the previous random integer.
To get started, the algorithm requires an initial "seed", which must be provided.
Given suitable values of the parameters it can produce a long random-like sequence.
Suitable criteria to have are:
The function generates a full period
The generated sequence should appear random
Efficient implementation with 32-bit arithmetic
Note that an attacker can reconstruct the sequence given a small number of values.
There are possibilities for making this harder.
17. 2- Blum Blum Shub (BBS) generator
A cryptographically secure pseudorandom bit generator (CSPRBG), named for its developers [BLUM86].
Based on public-key algorithms: the security of BBS rests on the difficulty of factoring n.
Unpredictable, passes the next-bit test: it is unpredictable given any run of bits.
Slow, since very large numbers must be used.
Too slow for cipher use, but good for key generation.
18. p, q: large prime numbers such that:
$(p \bmod 4) = (q \bmod 4) = 3$
$n = p \cdot q$
s: a random number relatively prime to n
Generation of the sequence of bits $B_i$:
$X_0 = s^2 \bmod n$
for $i = 1$ to $\infty$:
$X_i = (X_{i-1})^2 \bmod n$
$B_i = X_i \bmod 2$
Example:
$p = 383$, $q = 503$, $s = 101355$
$n = p \cdot q = 192649$
$X_0 = s^2 \bmod n = 20749$
$X_1 = (X_0)^2 \bmod n = 143135$
$B_1 = X_1 \bmod 2 = 1$
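The BBS generator above, as an added Python example (not the seminar's code) that checks the parameter conditions and reproduces the worked example with p = 383, q = 503, s = 101355; the values asserted are computed from those parameters.

```python
from math import gcd


def bbs_params_ok(p: int, q: int, s: int) -> bool:
    """Both primes must be congruent to 3 mod 4 and the seed coprime to n."""
    return p % 4 == 3 and q % 4 == 3 and gcd(s, p * q) == 1


def bbs_bits(p: int, q: int, s: int, count: int):
    """Blum Blum Shub: returns (n, [X_0, X_1, ...], [B_1, ..., B_count])."""
    if not bbs_params_ok(p, q, s):
        raise ValueError("need p = q = 3 (mod 4) and gcd(s, n) = 1")
    n = p * q
    x = pow(s, 2, n)             # X_0 = s^2 mod n
    states, bits = [x], []
    for _ in range(count):
        x = pow(x, 2, n)         # X_i = X_{i-1}^2 mod n
        states.append(x)
        bits.append(x & 1)       # B_i = X_i mod 2 (least significant bit)
    return n, states, bits


def bbs_bitstring(p: int, q: int, s: int, count: int) -> str:
    """Convenience: the B_i sequence as a '0'/'1' string for statistical tests."""
    return "".join(str(b) for b in bbs_bits(p, q, s, count)[2])
```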
19. A stream cipher is a symmetric encryption algorithm in which the ciphertext output is produced bit by bit or byte by byte.
Another name for the stream cipher is the state cipher, since every digit is dependent on the current state of the cipher.
It has a pseudorandom key stream, combined (XOR) with the plaintext bit by bit.
The randomness of the key stream completely destroys the statistical properties of the message:
Ci = Mi XOR StreamKeyi
But the key stream must never be reused; otherwise messages can be recovered.
21. 1- Synchronous Stream Ciphers
Called synchronous if the key stream does not depend on the plaintext (it depends on the key alone).
Both the sender and receiver must use the same information in order for decryption of the ciphertext to be successful.
Example: RC4, a block cipher in OFB mode.
2- Self-Synchronizing Stream Ciphers
The key stream depends on the plaintext.
Ciphertext Auto Key (CTAK): this concept allows the receiver to automatically synchronize with the key stream generator after receiving N ciphertext digits.
Example: a block cipher in cipher feedback (CFB) mode.
23. Some design considerations are:
Long period with no repetitions
The key stream should approximate a true random number stream
The key must be large enough to withstand brute-force attacks
Comparison to Block Ciphers
• Can be as secure as a block cipher with the same size key
• But stream ciphers are often simpler to implement and faster
• Block ciphers can reuse keys
25. RC4 is a proprietary cipher owned by RSA Security, designed by Ron Rivest in 1987.
Widely used on the web in SSL (Secure Sockets Layer)/TLS (Transport Layer Security), and in wireless WEP (Wired Equivalent Privacy)/WPA (WiFi Protected Access).
Very simple and efficient implementation.
Can use a variable length key of from 1 to 256 bytes (8 to 2048 bits).
The algorithm is based on the use of a random permutation of all 8-bit values.
26. Parameters and Variables
Variable length key, K, from 1 to 256 bytes
State vector, S, 256 bytes
Temporary vector, T, 256 bytes
Steps
Start with an array S of the numbers 0..255.
Use the key to well and truly shuffle it.
S forms the internal state of the cipher.
for i = 0 to 255 do
    S[i] = i
    T[i] = K[i mod keylen]
j = 0
for i = 0 to 255 do
    j = (j + S[i] + T[i]) (mod 256)
    swap(S[i], S[j])
27. Encryption continues shuffling the array values.
The sum of the shuffled pair selects the "stream key" value from the permutation.
XOR S[t] with the next byte of the message to encrypt/decrypt.
i = j = 0
for each message byte Mi
    i = (i + 1) (mod 256)
    j = (j + S[i]) (mod 256)
    swap(S[i], S[j])
    t = (S[i] + S[j]) (mod 256)
    Ci = Mi XOR S[t]
29. Claimed secure against known attacks; there have been some analyses, none practical.
The result is very non-linear. Since RC4 is a stream cipher, a key must never be reused.
There was a concern with WEP, but due to key handling rather than RC4 itself.
Currently RC4 is regarded as quite secure if used correctly, with a sufficiently large key.