Biblio

We re-use a polarization-multiplexed I/Q modulator to acquire the quantum randomness of its seed laser light for the purpose of quantum random number generation. We obtain 9×104 256-bit AES keys/second after randomness extraction. Time-interleaved random number generation is demonstrated for PM-QPSK transmission.

In this brief, a cryptographically secure pseudo-random number generator based on the NIST Koblitz elliptic curve K-163 is implemented. A 3-stage pipelined multiplier is adopted to speed up point additions. In addition, Frobenius map and point additions are performed in parallel to reduce the clock cycles required for scalar multiplication. By expanding the multiplier with a multiplexer, exponentiation and multiplication can be executed simultaneously, thus greatly reducing the clock cycles needed for inversion. Implementation results on Xilinx Virtex-4 show that the frequency of the multiplier is up to 248 MHz, therefore it takes only 2.21 us for scalar multiplication over K-163. The cryptographically secure pseudo-random number generator can produce 452 Kbit random number every second.

Physical unclonable functions(PUFs) are widely used as hardware root-of-trust to secure IoT devices, data and services. A PUF exploits inherent randomness introduced during manufacturing to give a unique digital fingerprint. Static Random-Access Memory (SRAM) based PUFs can be used as a mature technology for authentication. An SRAM with a number of SRAM cells gives an unrepeatable and random pattern of 0's and 1's during power on. As it is a unique pattern, it can be called as SRAM fingerprint and can be used as a PUF. The chance of producing more number of same values (either zero or one) is higher during power on. If a particular value present at almost all the cell during power on, it will lead to the dominance of either zero or one in the cryptographic key sequence. As the cryptographic key is generated by randomly taking address location of SRAM cells, (the subset of power on values of all the SRAM cells)the probability of occurring the same sequence most of the time is higher. In order to avoid that situation, SRAM should have to produce an equal number of zeros and ones during power on. SRAM PUF is implemented in Cadence Virtuoso tool. To generate equal zeros and ones during power on, variations can be done in the physical dimensions and to increase the stability body biasing can be effectively done.

Pseudorandom bit generators (PRBG) can be designed to take the advantage of some hard number theoretic problems such as the discrete logarithm problem (DLP). Such type of generators will have good randomness and unpredictability properties as it is so difficult to find an easy solution to the regarding mathematical dilemma. Hash functions in turn play a remarkable role in many cryptographic tasks to achieve various security strengths. In this paper, a pseudorandom bit generator mechanism that is based mainly on the elliptic curve discrete logarithm problem (ECDLP) and hash derivation function is proposed. The cryptographic hash functions are used in consuming applications that require various security strengths. In a good hash function, finding whatever the input that can be mapped to any pre-specified output is considered computationally infeasible. The obtained pseudorandom bits are tested with NIST statistical tests and it also could fulfill the up-to-date standards. Moreover, a 256 × 256 grayscale images are encrypted with the obtained pseudorandom bits following by necessary analysis of the cipher images for security prove.

In this work, an asymmetric cryptography method for information security was developed, inspired by the fact that the human body generates chaotic signals, and these signals can be used to create sequences of random numbers. Encryption circuit was implemented in a Reconfigurable Hardware (FPGA). To encode and decode an image, the chaotic synchronization between two dynamic systems, such as Hopfield neural networks (HNNs), was used to simulate chaotic signals. The notion of Homotopy, an argument of topological nature, was used for the synchronization. The results show efficiency when compared to state of the art, in terms of image correlation, histogram analysis and hardware implementation.

Cryptosystems are essential for computer and communication security, e.g., RSA or ECDSA in PGP Email clients and AES in full disk encryption. In practice, the cryptographic keys are loaded and stored in RAM as plain-text, and therefore vulnerable to cold-boot attacks exploiting the remanence effect of RAM chips to directly read memory data. To tackle this problem, we propose Copker, a cryptographic engine that implements asymmetric cryptosystems entirely within the CPU, without storing any plain-text sensitive data in RAM. Copker supports the popular asymmetric cryptosystems (i.e., RSA and ECDSA), and deterministic random bit generators (DRBGs) used in ECDSA signing. In its active mode, Copker stores kilobytes of sensitive data, including the private key, the DRBG seed and intermediate states, only in on-chip CPU caches (and registers). Decryption/signing operations are performed without storing any sensitive information in RAM. In the suspend mode, Copker stores symmetrically-encrypted private keys and DRBG seeds in memory, while employs existing solutions to keep the key-encryption key securely in CPU registers. Hence, Copker releases the system resources in the suspend mode. We implement Copker with the support of multiple private keys. With security analyses and intensive experiments, we demonstrate that Copker provides cryptographic services that are secure against cold-boot attacks and introduce reasonable overhead.

In this work, an asymmetric cryptography method for information security was developed, inspired by the fact that the human body generates chaotic signals, and these signals can be used to create sequences of random numbers. Encryption circuit was implemented in a Reconfigurable Hardware (FPGA). To encode and decode an image, the chaotic synchronization between two dynamic systems, such as Hopfield neural networks (HNNs), was used to simulate chaotic signals. The notion of Homotopy, an argument of topological nature, was used for the synchronization. The results show efficiency when compared to state of the art, in terms of image correlation, histogram analysis and hardware implementation.

Polar codes are a talented coding technique with the ability to accomplish the discrete memoryless channel capacity for modern communication systems with high reliability, but it is not secured enough for such systems. A secured system counts on grouping polar codes with secret Mersenne- Twister pseudo-random number generator (MT PRNG) is presented in this paper. The proposed encoder security is deduced from the secret pre-shared initial state of MT PRNG which is considered as the crypto-system ciphering key. The generated sequences are random like and control the frozen bits' values and their indices in the polarized bit channels. When the decoding cipher key at the receiver has one-bit change from the original encoding cipher key, the receiver has an almost 0.5 BER probability. This means that the receiver, in this case, had no clue about the originally sent information data bits without prior knowledge of the utilized 232-bit ciphering key. Moreover, the security of the system can be enhanced by utilizing a pseudo-random number generator (PRBG) with longer seed to increase the system secrecy and decoding obscurity.

Chaotic dynamics is widely used to design pseudo-random number generators and for other applications, such as secure communications and encryption. This paper aims to study the dynamics of the discrete-time chaotic maps in the digital (i.e., finite-precision) domain. Differing from the traditional approaches treating a digital chaotic map as a black box with different explanations according to the test results of the output, the dynamical properties of such chaotic maps are first explored with a fixed-point arithmetic, using the Logistic map and the Tent map as two representative examples, from a new perspective with the corresponding state-mapping networks (SMNs). In an SMN, every possible value in the digital domain is considered as a node and the mapping relationship between any pair of nodes is a directed edge. The scale-free properties of the Logistic map's SMN are proved. The analytic results are further extended to the scenario of floating-point arithmetic and for other chaotic maps. Understanding the network structure of a chaotic map's SMN in digital computers can facilitate counteracting the undesirable degeneration of chaotic dynamics in finite-precision domains, also helping to classify and improve the randomness of pseudo-random number sequences generated by iterating the chaotic maps.

Cryptography is one of the important aspect of data and information security. The security strength of cryptographic algorithms rely on the secrecy and randomness of keys. In this study, bitwise operations, Fisher-Yates shuffling algorithm, and cipher text mapping are integrated in the proposed TRNG key generator for One-Time Pad cryptography. Frequency monobit, frequency within a block, and runs tests are performed to evaluate the key randomness. The proposed method is also evaluated in terms of avalanche effect and brute force attack. Tests results indicate that the proposed method generates more random keys and has a higher level of security compared with the usual OTP using PRNG and TRNGs that do not undergo a refining phase.

The methods are based on injecting unpredictability into means and objects of protection are called stochastic methods of information security. The effective protection can be done only by using stochastic methods against an active opponent. The effectiveness of stochastic protection methods is defined by the quality of the used pseudo-random number generators and hash functions. The proposed hashing algorithm DOZENHASH is based on the using of 3D stochastic transformations of DOZEN family. The principal feature of the algorithm is that all input and output data blocks as well as intermediate results of calculations are represented as three-dimensional array of bytes with 4 bytes in each dimension. Thus, the resulting transformation has a high degree of parallelism at the level of elementary operations, in other words, it is focused on the implementation using heterogeneous supercomputer technologies.

Quantum computing is posing new threats on our security infrastructure. This has triggered a new research field on quantum-safe methods, and those that rely on the application of quantum principles are commonly referred as quantum cryptography. The most mature development in the field of quantum cryptography is called Quantum Key Distribution (QKD). QKD is a key exchange primitive that can replace existing mechanisms that can become obsolete in the near future. Although QKD has reached a high level of maturity, there is still a long path for a mass market implementation. QKD shall overcome issues such as miniaturization, network integration and the reduction of production costs to make the technology affordable. In this direction, we foresee that QKD systems will evolve following the same path as other networking technologies, where systems will run on specific network cards, integrable in commodity chassis. This work describes part of our activity in the EU H2020 project CiViQ in which quantum technologies, as QKD systems or quantum random number generators (QRNG), will become a single network element that we define as Quantum Switch. This allows for quantum resources (keys or random numbers) to be provided as a service, while the different components are integrated to cooperate for providing the most random and secure bit streams. Furthermore, with the purpose of making our proposal closer to current networking technology, this work also proposes an abstraction logic for making our Quantum Switch suitable to become part of software-defined networking (SDN) architectures. The model fits in the architecture of the SDN quantum node architecture, that is being under standardization by the European Telecommunications Standards Institute. It permits to operate an entire quantum network using a logically centralized SDN controller, and quantum switches to generate and to forward key material and random numbers across the entire network. This scheme, demonstrated for the first time at the Madrid Quantum Network, will allow for a faster and seamless integration of quantum technologies in the telecommunications infrastructure.

Random number generators play a pivotal role in generating security primitives, e.g., encryption keys, nonces, initial vectors, and random masking for side-channel countermeasures. A quantum entropy source based on radioactive isotope decay can be exploited to generate random numbers with sufficient entropy. If a deterministic random bit generator (DRBG) is combined for post-processing, throughput of the quantum random number generator (QRNG) can be improved. However, general DRBGs are susceptible to side-channel attacks. In this paper, we propose a framework called SCR-QRNG framework, which offers Side-Channel Resistant primitives using QRNG. The QRNG provides sources of randomness for modulating the clock frequency of a DRBG to obfuscate side-channel leakages, and to generate unbiased random numbers for security primitives. The QRNG has robustness against power side-channel attacks and is in compliance with NIST SP 800-22/90B and BSI AIS 31. We fabricate a quantum entropy chip, and implement a PCB module for a random frequency clock generator and a side-channel resistant QRNG on an FPGA.

To discuss secure key generation from imperfect random numbers, we address the secure key generation length. There are several studies for its asymptotic expansion up to the order √n or log n. However, these expansions have errors of the order o(√n) or o(log n), which does not go to zero asymptotically. To resolve this problem, we derive the asymptotic expansion up to the constant order for upper and lower bounds of these optimal values. While the expansions of upper and lower bonds do not match, they clarify the ranges of these optimal values, whose errors go to zero asymptotically.

Security is a universal concern across a multitude of sectors involved in the transfer and storage of computerized data. In the realm of cryptography, random number generators (RNGs) are integral to the creation of encryption keys that protect private data, and the production of uniform probability outcomes is a revenue source for certain enterprises (most notably the casino industry). Arbitrary thread schedule reconstruction of compare-and-swap operations is used to generate input traces for the Blum-Elias algorithm as a method for constructing random sequences, provided the compare-and-swap operations avoid cache locality. Threads accessing shared memory at the memory controller is a true random source which can be polled indirectly through our algorithm with unlimited parallelism. A theoretical and experimental analysis of the observation and reconstruction algorithm are considered. The quality of the random number generator is experimentally analyzed using two standard test suites, DieHarder and ENT, on three data sets.

In cryptography, one-time pad (OTP) is claimed to be the perfect secrecy algorithm in several works if all of its features are applied correctly. Its secrecy depends mostly on random keys, which must be truly random and unpredictable. Random number generators are used in key generation. In Psuedo Random Number Generator (PRNG), the possibility of producing numbers that are predictable and repeated exists. In this study, a proposed method using True Random Number Generator (TRNG) and Fisher-Yates shuffling algorithm are implemented to generate random keys for OTP. Frequency (monobit) test, frequency test within a block, and runs tests are performed and showed that the proposed method produces more random keys. Sufficient confusion and diffusion properties are obtained using Pearson correlation analysis.

OpenSSL is an open source library that implements the Secure Socket Layer (SSL), a security protocol used by the TCP/IP layer. All cryptographic systems require random number generation for many reasons, such as cryptographic key generation and protocol challenge/response, OpenSSL is also the same. OpenSSL can be run on a variety of operating systems. especially when generating random numbers on Unix-like operating systems, it can use /dev /(u)random [6], as a seed to add randomness. In this paper, we analyze the process provided by OpenSSL when random number generation is required. We also provide considerations for application developers and OpenSSL users to use /dev/urandom and real-time clock (nanoseconds of timespec structure) as a seed to generate cryptographic random numbers in the Unix family.

Random numbers are important tools for generating secret keys, encrypting messages, or masking the content of certain protocols with a random sequence that can be deterministically generated. The lack of assurance about the random numbers generated can cause serious damage to cryptographic protocols, prompting vulnerabilities to be exploited by the attackers. In this paper, a new pseudo - random number generator algorithm that uses dynamic system clock converted to Epoch Timestamp as PRNG seed was developed. The algorithm uses a Linear Congruential Generator (LCG) algorithm that produces a sequence of pseudo - randomized numbers that performs mathematical operations to transform numbers that appears to be unrelated to the Seed. Simulation result shows that the new PRNG algorithm does not generate repeated random numbers based on the frequency of iteration, a good indicator that the key for random numbers is secured. Numerical analysis using NIST Test Suite results concerning to random sequences generated random numbers has a total average of 0.342 P-value. For a p-value ≥ 0.001, a sequence would be considered to be random with a confidence of 99.9%. This shows that robustness and unpredictability were achieved. Hence, It is highly deterministic in nature and has a good quality of Pseudo-Random Numbers. It is therefore a good source of a session key generation for encryption, reciprocal in the authentication schemes and other cryptographic algorithm parameters that improve and secure data from any type of security attack.

The problems of random numbers application to the information security of data, communication lines, computer units and automated driving systems are considered. The possibilities for making up quantum generators of random numbers and existing solutions for acquiring of sufficiently random sequences are analyzed. The authors found out the method for the creation of quantum generators on the basis of semiconductor electronic components. The electron-quantum generator based on electrons tunneling is experimentally demonstrated. It is shown that it is able to create random sequences of high security level and satisfying known NIST statistical tests (P-Value\textbackslashtextgreater0.9). The generator created can be used for formation of both closed and open cryptographic keys in computer systems and other platforms and has great potential for realization of random walks and probabilistic computing on the basis of neural nets and other IT problems.

Generating a secure source of publicly-verifiable randomness could be the single most fundamental technical challenge on a distributed network, especially in the blockchain context. Many current proposals face serious problems of scalability and security issues. We present a protocol which can be implemented on a blockchain that ensures unpredictable, tamper-resistant, scalable and publicly-verifiable outcomes. The main building blocks of our protocol are homomorphic encryption (HE) and verifiable random functions (VRF). The use of homomorphic encryption enables mathematical operations to be performed on encrypted data, to ensure no one knows the outcome prior to being generated. The protocol requires O(n) elliptic curve multiplications and additions as well as O(n) signature signing and verification operations, which permits great scalability. We present a comparison between recent approaches to the generation of random beacons.

Generating public randomness has been significantly demanding and also challenging, especially after the introduction of the Blockchain Technology. Lotteries, smart contracts, and random audits are examples where the reliability of the randomness source is a vital factor. We demonstrate a system of random number generation service for generating fair, tamper-resistant, and verifiable random numbers. Our protocol together with this system is an R&D project aiming at providing a decentralized solution to random number generation by leveraging the blockchain technology along with long-lasting cryptographic primitives including homomorphic encryption, verifiable random functions. The system decentralizes the process of generating random numbers by combining each party's favored value to obtain the final random numbers. Our novel idea is to force each party to encrypt his contribution before making it public. With the help of homomorphic encryption, all encrypted contribution can be combined without performing any decryption. The solution has achieved the properties of unpredictability, tamper-resistance, and public-verifiability. In addition, it only offers a linear overall complexity with respect to the number of parties on the network, which permits great scalability.

Diffie-Hellman and RSA encryption/decryption involve computationally intensive cryptographic operations such as modular exponentiation. Computing modular exponentiation using appropriate pre-computed pairs of bases and exponents was first proposed by Boyko et al. In this paper, we present a reconfigurable architecture for pre-computation methods to compute modular exponentiation and thereby speeding up RSA and Diffie-Hellman like protocols. We choose Diffie-Hellman key pair (a, ga mod p) to illustrate the efficiency of Boyko et al's scheme in hardware architecture that stores pre-computed values ai and corresponding gai in individual block RAM. We use a Pseudo-random number generator (PRNG) to randomly choose ai values that are added and corresponding gai values are multiplied using modular multiplier to arrive at a new pair (a, ga mod p). Further, we present the advantage of using Montgomery and interleaved methods for batch multiplication to optimise time and area. We show that a 1024-bit modular exponentiation can be performed in less than 73$μ$s at a clock rate of 200MHz on a Xilinx Virtex 7 FPGA.

Deterministic chaotic systems have been studied and developed in various fields of research. Dynamical systems with chaotic dynamics have different applications in communication, security and computation. Chaotic behaviors can be created by even simple nonlinear systems which can be implemented on low-cost hardware platforms. This paper presents a high-speed and low-cost hardware of three-dimensional chaotic flows without equilibrium. The proposed chaotic hardware is able to reproduce the main mechanism and dynamical behavior of the 3D chaotic flows observed in simulation, then a Chaotic Pseudo Random Number Generator is designed based on a 3D chaotic system. The proposed hardware is implemented with low computational overhead on an FPGA board, as a proof of concept. This low-cost chaotic hardware can be utilized in embedded and lightweight systems for a variety of chaotic based digital systems such as digital communication systems, and cryptography systems based on chaos theory for Security and IoT applications.

The security of current key exchange protocols such as Diffie-Hellman key exchange is based on the hardness of number theoretic problems. However, these key exchange protocols are threatened by weak random number generators, advances to CPU power, a new attack from the eavesdropper, and the emergence of a quantum computer. Quantum Key Distribution (QKD) addresses these challenges by using quantum properties to exchange a secret key without the risk of being intercepted. Recent developments on the QKD system resulted in a stable key generation with fewer errors so that the QKD system is rapidly becoming a solid commercial proposition. However, although the security of the QKD system is guaranteed by quantum physics, its careless implementation could make the system vulnerable. In this paper, we proposed the first side-channel attack on plug-and-play QKD system. Through a single electromagnetic trace obtained from the phase modulator on Alice's side, we were able to classify the electromagnetic trace into four classes, which corresponds to the number of bit and basis combination in the BB84 protocol. We concluded that the plug-and-play QKD system is vulnerable to side-channel attack so that the countermeasure must be considered.

In the last few decades, the relative simplicity of the logistic map made it a widely accepted point in the consideration of chaos, which is having the good properties of unpredictability, sensitiveness in the key values and ergodicity. Further, the system parameters fit the requirements of a cipher widely used in the field of cryptography, asymmetric and symmetric key chaos based cryptography, and for pseudorandom sequence generation. Also, the hardware-based embedded system is configured on FPGA devices for high performance. In this paper, a novel stream cipher using chaotic logistic map is proposed. The two chaotic logistic maps are coded using Verilog HDL and implemented on commercially available FPGA hardware using Xilinx device: XC3S250E for the part: FT256 and operated at frequency of 62.20 MHz to generate the non-recursive key which is used in key scheduling of pseudorandom number generation (PRNG) to produce the key stream. The realization of proposed cryptosystem in this FPGA device accomplishes the improved efficiency equal to 0.1186 Mbps/slice. Further, the generated binary sequence from the experiment is analyzed for X-power, thermal analysis, and randomness tests are performed using NIST statistical.