The document discusses various types of random number generation, focusing on the importance of randomness and unpredictability for network security, specifically in encryption applications. It differentiates between pseudorandom and true random numbers, explains their generation processes, and outlines criteria for validating randomness. Additionally, it details cryptographic algorithms and stream ciphers, particularly RC4, emphasizing secure key management and implementation considerations.

2. pseudorandom number generation
Stream ciphers
RC4
True random numbers

3.  Random number is a number generated by a
process, whose outcome is unpredictable, and which
cannot be sub sequentially reliably reproduced
 Random numbers play an important role in the use of
encryption for various network security applications.
Two Types of Random Numbers
 Pseudorandom numbers are numbers that appear
random, but are obtained in a deterministic,
repeatable, and predictable manner.
 True random numbers are generated in non-
deterministic ways. They are not predictable. They
are not repeatable

4. 1- Key distribution and reciprocal authentication
schemes
2- Session key generation.
 Session key is a secret key for symmetric encryption
generated for use for a short period of time.
3- Generation of keys for the RSA public- key encryption
algorithm
4- Generation of a bit stream for symmetric stream
encryption
 These application give two distinct requirements :
Randomness and Unpredictability

5.  Two criteria are used to validate that a sequence of
numbers is random:
1. Uniform distribution
The distribution of bits in the sequence should be
uniform .Frequency of occurrence of 1 and 0
approximately equal .
2. Independence : No one subsequence in the
sequence can be inferred from the others
UNPREDICTABILITY
 Hard to predict next value in sequence.

6.  1-True Random number Generators
 Best source is natural randomness in real world
 TRNG uses a nondeterministic source to produce
randomness
 entropy source refer to produce randomness, from
physical environment .
 Physical environment of the computer and could include
things such as disk electrical activity, mouse
movements, and instantaneous values of the system
clock
 TRNG produce randomness.by measuring unpredictable
natural processes , such as pulse detectors of ionizing
radiation events, gas discharge tubes, and leaky
capacitors.

7.  Lava rand is an open source project for creating truly
random numbers using inexpensive cameras , open
source code, and inexpensive hardware.
 TRNG may simply involve conversion of an analog
source to a binary output
 Problems of bias or uneven distribution in signal
 have to compensate for this when sample, often by
passing bits through a hash function
 Best to only use a few noisiest bits from each sample
 RFC4086 recommends using multiple sources of
randomness on a computer & hash function to generate
true random output , possible sources is
 Sound /video input
 Disk drivers

8.  Deskewing :methods of modifying a bit stream to
reduce or eliminate the bias have been developed
 One approach to deskew is to pass the bit stream
through a hash function, such as MD5 or SHA-1
 There is also an online service (random.org), which can
deliver random sequences securely over the Internet.
 Operating systems provide a built-in mechanism for
generating random numbers. For, Linux uses four
entropy sources: mouse and keyboard activity, disk I/O
operations, and specific interrupts.

9.  An algorithm that is used to produce an open-ended
sequence of bits
 Deterministic algorithms to calculate numbers in
“relatively random” sequence
 Seed is algorithm input .
 Produces continuous stream of random bits
Pseudo Random Function
 Used to produced a pseudorandom string of bits of
some fixed length
 Takes as input a seed plus some context specific
values, such as a user ID or an application ID

11. Hard to determine pseudo-random stream if don’t know
seed (but know algorithm)
1- RANDOMNESS
A. Uniformity : occurrence of a zero or one is equally
likely, n/2where n = the sequence length.
B. Scalability : Any test applicable to a sequence can also
be applied to subsequences extracted at random
C. Consistency : The behavior of a generator must be
consistent
We have Three test:
1-Frequency test
2-Runs test
3- Maurer’s universal statistical test : detect whether or
not the sequence can be significantly compressed without
loss of information

12. 2- UNPREDICTABILITY
A. Forward unpredictability
B. Backward unpredictability
3-SEED REQUIREMENTS
For cryptographic applications
 The seed that serves as input to the PRNG
must be secure. Because the PRNG is a
deterministic algorithm
 The seed is generated by a TRNG

14.  Two categories.
 Purpose-built algorithms: These are algorithms
designed specifically and only for the purpose of
generating pseudorandom bit streams
 Algorithms based on existing cryptographic
algorithms: Cryptographic algorithms have the effect
of randomizing input.
 Three broad categories of cryptographic algorithms
are commonly used to create PRNG
 - Symmetric block ciphers.
 - Asymmetric ciphers.
 - Hash functions and message authentication codes

15.  1- Linear Congruential Generator LCG
 Most commonly used for generating random integers
 generate the next random integer using the previous
random integer .
 To get started, the algorithm requires an initial ``seed'',
which must be provided .
 Given suitable values of parameters can produce a long
random-like sequence.
 Suitable criteria to have are:
 Function generates a full-period
 Generated sequence should appear random
 Efficient implementation with 32-bit arithmetic
 Note that an attacker can reconstruct sequence given a
small number of values
 Have possibilities for making this harder

16. 

17.  Cryptographically secure pseudorandom bit generator
(CSPRBG).
 Named for its developers [BLUM86].
 Based on public key algorithms
 The security of BBS is based on the difficulty of
factoring n
 Unpredictable, passes next-bit test
 Security rests on difficulty of factoring N
 Is unpredictable given any run of bits
 Slow, since very large numbers must be used
 Too slow for cipher use, good for key generation

18.  p, q: large prime numbers such that:
(p mod 4) = (q mod 4) = 3
 n = p * q
 s: random number relatively prime to n
Generation sequence of bits ,Bi:
𝑋0 = 𝑠2 𝑚𝑜𝑑 𝑛
𝑓𝑜𝑟 𝑖 = 1 𝑡𝑜 ∞
𝑋𝑖 =( 𝑋𝑖−1)2 mod n
𝐵𝑖= 𝑋𝑖 mod 2
 Example:
p=383 ,q=503 ,s=101355
N=p∗q n= 192649
𝑋0 = 𝑆2
mod n
𝑋0 =20749
𝑋𝑖 = ( 𝑋𝑖−1)2 mod n =14135
𝐵𝑖= 𝑋𝑖 mod2 =1

19.  Is a symmetric encryption algorithm cipher text
output is produced bit by bit or byte by byte
 Another name for the stream cipher is the state
cipher since every digit is dependent on the current
state of the cipher
 Have a pseudo random key stream
 Combined (XOR) with plaintext bit by bit
 Randomness of stream key completely destroys
statistically properties in message
Ci = Mi XOR Stream Keyi
 But must never reuse stream key
 Otherwise can recover messages

21. 1- Synchronous Stream Ciphers
 Called synchronous if key stream does not depend
on the plain text (depends on key alone)
 Both the sender and receiver must use the same
information in order for decryption of the cipher text
to be successful.
 Example: RC4 ,block cipher in OFB.
2- Self-Synchronizing Stream Ciphers
 Key stream depend on the plain text
 Cipher Text Auto Key (CTAK). This concept allows
the receiver to automatically synchronize with the
key stream generator after receiving N cipher text
digits.
 Example: block cipher in cipher feedback CFB mode

23.  Some design considerations are:
Long period with no repetitions
Key stream should approximate true random
number stream
Key must withstand brute force attacks depends
on large enough key
Comparison to Block Ciphers
• Can be as secure as a block cipher with same size
key
• But Stream ciphers often simpler to implement &
faster
• Block ciphers can re-use keys

25.  RC4 is a proprietary cipher owned by RSA Security.
 Designed by Ron Rivest in 1987
 Widely used in the web SSL (Secure Socket Layer)/
TLS (Transport Layer Security), wireless WEP(Wired
Equivalent Privacy/WPA( WiFi Protected Access).
 Very simple and efficient implementation.
 Can use variable length key of from 1-256 bytes
(8 to 2048 bits ).
 The algorithm is based on the use of random
permutation of all 8 bit value

26. Parameters and Variables
 Variable length key, K, from 1 to 256 Bytes
 State vector, S, 256 Bytes
 Temporary vector, T, 256 Bytes
Steps
 Starts with an array S of numbers: 0..255
 Use key to well and truly shuffle
 S forms internal state of the cipher
for i = 0 to 255 do
S[i] = i
T[i] = K[i mod keylen ]
j = 0
for i = 0 to 255 do
j = (j + S[i] + T[i]) (mod 256)
swap (S[i], S[j])

27.  Encryption continues shuffling array values
 Sum of shuffled pair selects "stream key" value from
permutation
 XOR S[t] with next byte of message to en/decrypt
i = j = 0
for each message byte Mi
i = (i + 1) (mod 256)
j = (j + S[i]) (mod 256)
swap(S[i], S[j])
t = (S[i] + S[j]) (mod 256)
Ci = Mi XOR S[t]

29.  Claimed secure against known attacks
have some analyses, none practical
 Result is very non-linear since RC4 is a stream cipher,
must never reuse a key
 Have a concern with WEP, but due to key handling
rather than RC4 itself
 Currently RC4 its regarded as quite secure, if used
correctly, with a sufficiently large key