Biblio

Currently, statistical tests for random number generators (RNGs) are widely used in practice, and some of them are even included in information security standards. But despite the popularity of RNGs, consistent tests are known only for stationary ergodic deviations of randomness (a test is consistent if it detects any deviations from a given class when the sample size goes to infinity). However, the model of a stationary ergodic source is too narrow for some RNGs, in particular, for generators based on physical effects. In this article, we propose computable consistent tests for some classes of deviations more general than stationary ergodic and describe some general properties of statistical tests. The proposed approach and the resulting test are based on the ideas and methods of information theory.

Random number generators (RNGs) has an extensive application area from cryptography to simulation software. Piecewise linear one-dimensional (PL1D) maps are commonly preferred structures used as the basis of RNGs due to their theoretically proven chaotic behavior and ease of implementation. In this work, a skew-tent map based RNG is designed by using the chaotic sampling method in TSMC 180 nm CMOS process. Simulation data of the designed RNG is validated by the statistical randomness tests of the FIPS-140-2 and NIST 800-22 suites. The proposed RNG has three key features: the generated bitstreams can fulfill the randomness tests without using any post processing methods; the proposed RNG has immunity against external interference thanks to the chaotic sampling method; and higher bitrates (4.8 Mbit/s) can be achieved with relatively low power consumption (9.8 mW). Thus, robust RNG systems can be built for high-speed security applications with low power by using the proposed architecture.

Present day's data security plays a vital role in digital human life. Data is a valuable asset to any organization and hence its security from external attacks is very important. Information security is not only an important aspect but essential, to secure data from unapproved access. Data encryption, decryption and key management are the key factors in data protection. It is very important to have the right data security solution to meet the challenging threats. Cryptosystem implementation and random number generators are crucial for Cryptosystem applications such as security applications, space applications, military applications and smart cards et al. In this paper, we present the implementation of hybrid cryptosystem based on the True Random number Generator, pseudo Random number Generator and whitening the data by using the ASIC design flow.

In this paper a novel random number generator is introduced and it is based on the Skew-tent discrete-time chaotic map. The RNG presented in this paper is made using the discrete-time chaotic map and chaotic sampling of regular waveform method together to increase the throughput and statistical quality of the output sequence. An explanation of the arithmetic model for the proposed design is given in this paper with an algebra confirmation for the generated bit stream that shows how it passes the primary four tests of the FIPS-140-2 test suit successfully. Finally the bit stream resulting from the hardware implementation of the circuit in a similar method has been confirmed to pass all NIST-800-22 test with no post processing. A presentation of the experimentally obtained results is given therefor proving the the circuit’s usefulness. The proposed RNG can be built with the integrated circuit.

Security is a universal concern across a multitude of sectors involved in the transfer and storage of computerized data. In the realm of cryptography, random number generators (RNGs) are integral to the creation of encryption keys that protect private data, and the production of uniform probability outcomes is a revenue source for certain enterprises (most notably the casino industry). Arbitrary thread schedule reconstruction of compare-and-swap operations is used to generate input traces for the Blum-Elias algorithm as a method for constructing random sequences, provided the compare-and-swap operations avoid cache locality. Threads accessing shared memory at the memory controller is a true random source which can be polled indirectly through our algorithm with unlimited parallelism. A theoretical and experimental analysis of the observation and reconstruction algorithm are considered. The quality of the random number generator is experimentally analyzed using two standard test suites, DieHarder and ENT, on three data sets.

Cryptographic applications need high-quality random number generator (RNG) for strong security and privacy measures. This paper presents RNG based on a hydrogen gas sensor that is fabricated by using microfabrication techniques. The proposed approach extracts the thermal noise information as an entropy source from the gas sensor that is non-deterministic during its operation and using hash function SHA-256 as post processing. This non-deterministic noise is then processed to acquire a random number set fulfilling the NIST 800-22 statistical randomness test suite and it demonstrates that a gas sensor based RNG can provide high-quality random numbers. Secure data transfer is possible by having this method directly without any other hardware where hydrogen gas sensor needs to be used such as petrochemical field, fuel cells, and nuclear reactors.

This paper presents a true random number generator that exploits the subthreshold properties of jitter of events propagating in a self-timed ring and jitter of events propagating in an inverter based ring oscillator. Design was implemented in 180nm CMOS flash process. Devices provide high quality random bit sequences passing FIPS 140-2 and NIST SP 800-22 statistical tests which guaranty uniform distribution and unpredictability thanks to the physics based entropy source.

Ransomware has become a very significant cyber threat. The basic idea of ransomware was presented in the form of a cryptovirus in 1995. However, it was considered as merely a conceptual topic since then for over a decade. In 2017, ransomware has become a reality, with several famous cases of ransomware having compromised important computer systems worldwide. For example, the damage caused by CryptoLocker and WannaCry is huge, as well as global. They encrypt victims' files and require user's payment to decrypt them. Because they utilize public key cryptography, the key for recovery cannot be found in the footprint of the ransomware on the victim's system. Therefore, once infected, the system cannot be recovered without paying for restoration. Various methods to deal this threat have been developed by antivirus researchers and experts in network security. However, it is believed that cryptographic defense is infeasible because recovering a victim's files is computationally as difficult as breaking a public key cryptosystem. Quite recently, various approaches to protect the crypto-API of an OS from malicious codes have been proposed. Most ransomware generate encryption keys using the random number generation service provided by the victim's OS. Thus, if a user can control all random numbers generated by the system, then he/she can recover the random numbers used by the ransomware for the encryption key. In this paper, we propose a dynamic ransomware protection method that replaces the random number generator of the OS with a user-defined generator. As the proposed method causes the virus program to generate keys based on the output from the user-defined generator, it is possible to recover an infected file system by reproducing the keys the attacker used to perform the encryption.

The transition effect ring oscillator (TERO) based true random number generator (TRNG) was proposed by Varchola and Drutarovsky in 2010. There were several stochastic models for this advanced TRNG based on ring oscillator. This paper proposed an improved TERO based TRNG and implements both on Altera Cyclone series FPGA platform and on a 0.13um CMOS ASIC process. FPGA experimental results show that this balanced TERO TRNG is in good performance as the experimental data results past the national institute of standards and technology (NIST) test in 1M bit/s. The TRNG is feasible for a security SoC.

In this paper a random number generation method based on a piecewise linear one dimensional (PL1D) discrete time chaotic maps is proposed for applications in cryptography and steganography. Appropriate parameters are determined by examining the distribution of underlying chaotic signal and random number generator (RNG) is numerically verified by four fundamental statistical test of FIPS 140-2. Proposed design is practically realized on the field programmable analog and digital arrays (FPAA-FPGA). Finally it is experimentally verified that the presented RNG fulfills the NIST 800-22 randomness test without post processing.

Virtualized environments are widely thought to cause problems for software-based random number generators (RNGs), due to use of virtual machine (VM) snapshots as well as fewer and believed-to-be lower quality entropy sources. Despite this, we are unaware of any published analysis of the security of critical RNGs when running in VMs. We fill this gap, using measurements of Linux's RNG systems (without the aid of hardware RNGs, the most common use case today) on Xen, VMware, and Amazon EC2. Despite CPU cycle counters providing a significant source of entropy, various deficiencies in the design of the Linux RNG makes its first output vulnerable during VM boots and, more critically, makes it suffer from catastrophic reset vulnerabilities. We show cases in which the RNG will output the exact same sequence of bits each time it is resumed from the same snapshot. This can compromise, for example, cryptographic secrets generated after resumption. We explore legacy-compatible countermeasures, as well as a clean-slate solution. The latter is a new RNG called Whirlwind that provides a simpler, more-secure solution for providing system randomness.