Biblio

We analyze the prandom pseudo random number generator (PRNG) in use in the Linux kernel (which is the kernel of the Linux operating system, as well as of Android) and demonstrate that this PRNG is weak. The prandom PRNG is in use by many "consumers" in the Linux kernel. We focused on three consumers at the network level – the UDP source port generation algorithm, the IPv6 flow label generation algorithm and the IPv4 ID generation algorithm. The flawed prandom PRNG is shared by all these consumers, which enables us to mount "cross layer attacks" against the Linux kernel. In these attacks, we infer the internal state of the prandom PRNG from one OSI layer, and use it to either predict the values of the PRNG employed by the other OSI layer, or to correlate it to an internal state of the PRNG inferred from the other protocol.Using this approach we can mount a very efficient DNS cache poisoning attack against Linux. We collect TCP/IPv6 flow label values, or UDP source ports, or TCP/IPv4 IP ID values, reconstruct the internal PRNG state, then predict an outbound DNS query UDP source port, which speeds up the attack by a factor of x3000 to x6000. This attack works remotely, but can also be mounted locally, across Linux users and across containers, and (depending on the stub resolver) can poison the cache with an arbitrary DNS record. Additionally, we can identify and track Linux and Android devices – we collect TCP/IPv6 flow label values and/or UDP source port values and/or TCP/IPv4 ID fields, reconstruct the PRNG internal state and correlate this new state to previously extracted PRNG states to identify the same device.

Quantum cryptography doesn't depend on computational capabilities of intruders; it uses inviolability of quantum physics postulates (postulate of measurement, no-cloning theorem, uncertainty principle). Some quantum key distribution protocols have absolute (theoretical and informational) stability, but quantum secure direct communication (deterministic) protocols have only asymptotic stability. For a whole class of methods to ensure Q-trit deterministic quantum cryptography protocols stability, reliable trit generation method is required. In this paper, authors have developed a high-speed and secure pseudorandom number (PRN) generation method. This method includes the following steps: initialization of the internal state vector and direct PRN generation. Based on this method TriGen v.2.0 pseudo-random number generator (PRNG) was developed and studied in practice. Therefore, analysing the results of study it can be concluded following: 1) Proposed Q-trit PRNG is better then standard C ++ PRNG and can be used on practice for critical applications; 2) NIST STS technique cannot be used to evaluate the quality (statistical stability) of the Q-trit PRNG and formed trit sequences; 3) TritSTS 2020 technique is suitable for evaluating Q-trit PRNG and trit sequences quality. A future research study can be related to developing a fully-functional version of TritSTS technique and software tool.

Cryptography is one of the important aspect of data and information security. The security strength of cryptographic algorithms rely on the secrecy and randomness of keys. In this study, bitwise operations, Fisher-Yates shuffling algorithm, and cipher text mapping are integrated in the proposed TRNG key generator for One-Time Pad cryptography. Frequency monobit, frequency within a block, and runs tests are performed to evaluate the key randomness. The proposed method is also evaluated in terms of avalanche effect and brute force attack. Tests results indicate that the proposed method generates more random keys and has a higher level of security compared with the usual OTP using PRNG and TRNGs that do not undergo a refining phase.

Security is a universal concern across a multitude of sectors involved in the transfer and storage of computerized data. In the realm of cryptography, random number generators (RNGs) are integral to the creation of encryption keys that protect private data, and the production of uniform probability outcomes is a revenue source for certain enterprises (most notably the casino industry). Arbitrary thread schedule reconstruction of compare-and-swap operations is used to generate input traces for the Blum-Elias algorithm as a method for constructing random sequences, provided the compare-and-swap operations avoid cache locality. Threads accessing shared memory at the memory controller is a true random source which can be polled indirectly through our algorithm with unlimited parallelism. A theoretical and experimental analysis of the observation and reconstruction algorithm are considered. The quality of the random number generator is experimentally analyzed using two standard test suites, DieHarder and ENT, on three data sets.

Random numbers are important tools for generating secret keys, encrypting messages, or masking the content of certain protocols with a random sequence that can be deterministically generated. The lack of assurance about the random numbers generated can cause serious damage to cryptographic protocols, prompting vulnerabilities to be exploited by the attackers. In this paper, a new pseudo - random number generator algorithm that uses dynamic system clock converted to Epoch Timestamp as PRNG seed was developed. The algorithm uses a Linear Congruential Generator (LCG) algorithm that produces a sequence of pseudo - randomized numbers that performs mathematical operations to transform numbers that appears to be unrelated to the Seed. Simulation result shows that the new PRNG algorithm does not generate repeated random numbers based on the frequency of iteration, a good indicator that the key for random numbers is secured. Numerical analysis using NIST Test Suite results concerning to random sequences generated random numbers has a total average of 0.342 P-value. For a p-value ≥ 0.001, a sequence would be considered to be random with a confidence of 99.9%. This shows that robustness and unpredictability were achieved. Hence, It is highly deterministic in nature and has a good quality of Pseudo-Random Numbers. It is therefore a good source of a session key generation for encryption, reciprocal in the authentication schemes and other cryptographic algorithm parameters that improve and secure data from any type of security attack.

In the last few decades, the relative simplicity of the logistic map made it a widely accepted point in the consideration of chaos, which is having the good properties of unpredictability, sensitiveness in the key values and ergodicity. Further, the system parameters fit the requirements of a cipher widely used in the field of cryptography, asymmetric and symmetric key chaos based cryptography, and for pseudorandom sequence generation. Also, the hardware-based embedded system is configured on FPGA devices for high performance. In this paper, a novel stream cipher using chaotic logistic map is proposed. The two chaotic logistic maps are coded using Verilog HDL and implemented on commercially available FPGA hardware using Xilinx device: XC3S250E for the part: FT256 and operated at frequency of 62.20 MHz to generate the non-recursive key which is used in key scheduling of pseudorandom number generation (PRNG) to produce the key stream. The realization of proposed cryptosystem in this FPGA device accomplishes the improved efficiency equal to 0.1186 Mbps/slice. Further, the generated binary sequence from the experiment is analyzed for X-power, thermal analysis, and randomness tests are performed using NIST statistical.

Pseudo-random number generators (PRNGs) are a critical infrastructure for cryptography and security of many computer applications. At the same time, PRNGs are surprisingly difficult to design, implement, and debug. This paper presents the first static analysis technique specifically for quality assurance of cryptographic PRNG implementations. The analysis targets a particular kind of implementation defect, the entropy loss. Entropy loss occurs when the entropy contained in the PRNG seed is not utilized to the full extent for generating the pseudo-random output stream. The Debian OpenSSL disaster, probably the most prominent PRNG-related security incident, was one but not the only manifestation of such a defect. Together with the static analysis technique, we present its implementation, a tool named Entroposcope. The tool offers a high degree of automation and practicality. We have applied the tool to five real-world PRNGs of different designs and show that it effectively detects both known and previously unknown instances of entropy loss.

In the RFID technology, the privacy of low-cost tag is a hot issue in recent years. A new mutual authentication protocol is achieved with the time stamps, hash function and PRNG. This paper analyzes some common attack against RFID and the relevant solutions. We also make the security performance comparison with original security authentication protocol. This protocol can not only speed up the proof procedure but also save cost and it can prevent the RFID system from being attacked by replay, clone and DOS, etc..