A Paper On Mysterious Solution To Hackers: Random Number Generators

PRESENTED BY A.Chandrasekhar(I B.TECH, CSE) & K.S.Maha Teja (I B.TECH,CSE) NIZAM INSTITUTE OF ENGINEERING & TECHNOLOGY

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING HYDERABAD

E-Mail:chandu_angadala@yahoo.co.in

ABSTRACT
Good cryptography requires good random numbers. Almost all cryptography protocols require the generation and use of secret values that must be unknown to attackers. A RNG for cryptography applications should appear to computationally bounded adversaries to be close as possible to a perfect RNG. Most “random” number sources actually utilize a pseudo random generator (PRNG). PRNGs use deterministic processes to generate a series of outputs from an initial seed state. Because the output is purely a function of seed data, the actual entropy of be output can never exceed the entropy of the seed. It can, however, be computationally infeasible to distinguish PRNG from a perfect RNG. This paper evaluates the hardware based random number generator (RNG) for use in cryptography application. The paper simulates the fastest and efficient algorithm towards the random number generator and the function generating 50% time different values.

Introduction

Random numbers refers to” a sequence of independent numbers with a specified distribution and a specified probability of falling in any given range of value”. As a result, the ideal random number generator will provide a stream of uniformly distributed, non-deterministic, independent bits over an infinite data set. The mathematical evaluation of randomness is difficult, it is possible to use statistical analysis on sample data sets to detect characteristics that point to “non_randomness”. Random number generation can be divided into two categories:  True random number generation: With true random number generation the next random number generated is not known, and the sequence of random numbers cannot be generated.  Pseudo random number generation: With pseudorandom number generation a sequence of random numbers is generated using a known algorithm, and the exact same sequence can be regenerated.For software based systems, it is very desirable to use a pseudorandom number generator to be able to test the software system with a repeatable set of random numbers, so one can re_run a test to the exact same random numbers being used. Also with a pseudo random number generator that has been formally evaluated, one can be sure of the resulting of sequence numbers.

Security Enhancement By RNGs
The strength of the security mechanism like encryption algorithm is directly proportional to the randomness of the numbers it uses. While many available solutions use cryptically strong algorithms, they start from random seed that are not truly random and unpredictable.Cryptographic applications demand a high level of randomness to maintain the needed level of confidentiality and security. The increased randomness of RNG produces random numbers that can increase the strength of the three major elements of cryptography:  Authentication: Random numbers are used to authenticate client systems that want access protect information stored on a server.  Confidentiality: Random numbers play a critical role in generating cryptographic keys used for encrypting and/or decrypting data and thus ensuring that an unauthorized person who intercepts a transaction won’t be able to extract meaningful information.

 Integrity: Random numbers are an important part of digital signatures and cryptographic hashes, so that transactions aren’t modified as they travel from a sender to an intended recipient.

Hardware Vs Software RNG’S:
PRNG’s employ a mathematical algorithm for number generation, all PRNG’s possess the following properties:  A seed value is required to initialize the equation.  The sequence will cycle after a particular period. Therefore, application developers who require non-deterministic output from its PRNG must take pains to provide an unguessable seed value and an algorithm with a period that is sufficiently long. The software manufacturer must possess enough understanding of the PRNG implementation to prevent its properties from producing undesirable results for its users. Hardware RNGs are non deterministic by nature-no algorithm can be used to predetermine subsequent bits. Thus, hardware RNGs are not susceptible to intrusion by algorithm disassembly or disclosure. With the use of hardware RNGs, software manufacturers do not need to hire developers with PRNG expertise nor pay fees for a third-party PRNG solution.However, software manufacturers still need to select hardware RNG with a quality design and implementation from a reliable vendor. A quality design and Implementation includes engineering to prevent failure, thorough testing to detect defects and non-random output, and software support for easy integration in to applications.

APPROACHES IN IMPLEMENTING SIMPLE RNGS
Two different approaches in a simple random number generator are: 1.Table based method 2.Equation based method The table-based approach uses a table of 128 selected values and generates a sequence of 16,384 values. Figure 1 shows a set of values generated from a table based algorithm. Value pairs were plotted in XY space to see if patterns were seen. The lines are the window averages for 128(blue), 32(purple) and 8(red) values.

Figure 1.Pairs of number from table based sequence plotted, along with average window values. An equation-based method uses a seed value, and for each random number this seed value is used in an equation to generate a new seed value and also the random number. A classic equation for generating random numbers is: unsigned long seed; …. seed=1664525L*seed+1013904223L; A generic equation is in the form: seed= multiplier*seed+adder

Hardware Implementation of RNGs
A true random number generator can be implemented in hardware using a white-noise source. In figure a hardware circuit is detailed which is used to generate random numbers using a pair of transistors.

HARDWARE ALGROITHM FOR RNG

RNG sample process: The goal of this routine is to sample bits from the hardware RNG and output a stream of unbiased random bits. Each time this function is called, a single sample is taken. When we have accumulated two samples, we compare them, and if they are the same, we throw them away and return. If they are different, we output the value of one sample. Rng_sample_process Clfr Btfc FSR status, z : set bank 0 : sleep time remaining-> w : skip if we’re asleep ; process is awake and running ; elapsed jiffles->w ; skip if riffles have elapsed ; no jiffles elapsed- keep sleeping ; substarct elapsed from remaining sleep time ; C is 1 if result is positive or zero btfss status, c Goto rng_running Btfsc status, z Goto rng_running Retlw 0 ; was result negative? ; yes, time to wake up ( also, we overslept) ; was result zero? ; yes, time to wake up ; keep sleepin Movf RNG_jifs, w Goto rng_running Movf elapsedjif, w Btfsc status, z Retlw 0 Subwf rng_jifs, f

rng_running clrf RNG_JIFS ; delay a little between distream samples ; assume sample bit is 0 ; sample bit is 1 ; no, keep sampling ; nahh, let’s sample a bit every time through ; incf RNG_JIFS< f bcf status, c bsf STATUS, C retlw 0

btfss RNG_PORT, RNG_BIT; if sample level is high, data is 0 rlf RNG_SAMPLE, 2 ; Have we taken two samples?

;Evaluate most recent sample pair and use only if bits deffer movf RNG_SAMPLE, w clrf RNG_SAMPLE bsf RNG_SAMPLE, 0 ; set sentinel bit for next pair movwf TEMP rrf temp, f xorwf TEMP btfss temp, f retlw 0 bcf STATUS, C btfsc TEMP, 1 bsf STATUS, C rlf RNF_BYTE, f desfsz RNG_COUNT, F Retlw 0 movf XMIT_FORMAT, w movwf RNG_FINAL bsf XMIT_STATE, 1 clrf RNG_BYTE retlw 0 ; -------------------------------------------------------------------------------------------------xmit_random ; Do nothing if there’s a data byte waiting to be picked up btfsc CLR_PORT; CLR_BIT; skip if data available bit is zero RETLW 0 : data available bit is set – do nothing ; Do nothing if there’s no accumulated data to transist btfss XMIT_STATE, 1 ; Is there data ready? Retlw 0 ; We get to generate a byte! Bcf XMIT_STATE, 1 ; clear data ready flag so we don’t re-send ; no, keep waiting ; Queue data for transmission by xmit_random ; leave second sample in W,0 ; shift first sample in w,0 ; first bit XOR second bit-> TEMP,0 ; were bits different, ; no keep sampling ; ASSUME RANDOM BIT IS 0 ; ; random bit is 1 ; Accumlate random bit ; Have we accumulated enough bits? ; no, keep sampling ; load samples

; TEMP, I is now (1 XOR First sample) so let’s use it

; Do something with accumulated random bits in RNG_BYTE

Movwf Port B Bsf INT_PORT, INT_BIT

; Set the output pins ; raise the data available line

; we need to delay at least 100 nanoseconds. At 20 Mhz, 2 ticks ; is 100ns. At 50Mhz, 5 ticks is 100ns. At 75Mhz, 8 ticks ; is 106 ns. Nop Nop Nop Bcf INT_PORT, INT_BIT; lower the data- available line to interrupt retlw 0 end

Random Number generator Algorithms
This describes in detail the new random number generator (RNG) and nonce algorithms used in cryptosys.

1FIPS 140-2 Complaint Algorithm for generating N random bytes
Step1. Generate 32 pseudo- random bytes with the random nonce generator, using the user- supplied seed, if any. Step 2. Set the triple DES key, K, as the first 24 bytes generated in step 1, and set the seed, S, as the last 8 bytes. Step 3. Set D as a 64 – bit representation of the current date and time. A delay of one millisecond is deliberately introduced to prevent D being the same value on consecutive calls. Step 4. Generate the 64-bit block X0 = g(s,k,d) where G is the X9, 17RNG algorithm described in ANSI X9.17 Appendix C/ ANSI X9.31 Appendix A, S is updated as that algorithm. Step 5. Set up to carry out continuous random number generator tests: a. If a non –zero 32- bit string F has saved from earlier use of this algorithm, compare the first 32-bits in X0 with F. if they are equal, stop and notify a failure of the continuous random number generator test. b. If no non-zero 32-bit string F has been saved from an earlier use, set F as the first 32 bits of X0 c. Set L as the last 32 bits of X0. d. If L equals F, stop and notify a failure of the continuous random number generator test.

Step 6. For R = N until R is equal to zero, do: a. Generate a 64-bit block X = g (S, K, D), updating S in the process. b. Compare the first 32 bits of X with both F and L; if match then stop and notify a failure of the continuous random generator test. c. Set B= the lesser of R and 8 d. Output B bytes from X. e. Set R = r-b Step 7. Store the 32-bit F for subsequent use, and zeroes K, S, D, X, and any other internal buffers used.

Algorithm for generating N random nonce bytes
step1. Create a message block as follows: DT|| PID || TID || TC || MS Where • • • • • DT is a 64-bit representation of the current date – time PID is a 32-bit represents of the current process ID TID is a 32-bit represents of the current thread ID TC is a 32- bit represents of the system clock count MS is a 256-bit representation of the current system memory status.

Step 2. Pad the reminder of message block to 64 bytes using unspecified arbitrary bytes. Step 3. If the user has supplied an optional seed of M bytes, add these to the message block as follows: a. if M,+ 64, XOR the first M bytes of the message block with t6he seed bytes, i.e. for j=1 to M set block_byte (j) = block_byte (j) XOR seed_byte (j); or b. if M.64, repeatedly XOR the message block with the next 64 seed bytes until the remaining number of seed bytes is less than or equal to 64, then do as in (a). Step 4. For R= N until r is equal to zero, do: a. create a SHA-1 digest of the message block, replacing the first 20 bytes of the block with the message digest bytes. b. Set B = the lesser of R and 20. c. Output B bytes from the message block.

d. Set R=R-B. Step 5. Zeroes the message block.

Efficiency of RNGs (Random Number Generators)
The main idea about RNG is that it must generate a different value each time for about at least 50% of the size of the value, and if it can reach up to more than 75% of the size then it is very efficient program for example, if the program is supposed to generate 32-bits value size then it must at least able to generate 31-bits ( half, 50% of it) times successfully different values, i.e. the max value with in 2,147,483,648 times then it is not a good RNG, its life cycle length is short. Below is the code used in RSA 2048-bits encryption program. This RNG algorithm is based on time. Reasons for using this algorithm are: 1. Any hacker should NOT know when exactly the program start 2. Each user machine is different, the speed is also different, there fore there should be a few seconds different for a long run, which will resulted in different results. 3. This is fast. 4. It is 32-bits, compare to rand () (in C/C++ ) which is 16 bits.

// The value of SEED can be initialized to any value if preferred, to avoid hacker Static_int64 SEED = ox12345678; Static_int32*a = (_int 32*) & SEED; // a is half lower part Static_int32* b = (_int32*) & SEED +1;//b is the half upper part Void random_init (_int32init) { SEED^= INIT; *B^= * seed: return; } Unsigned_int32 random (void) { //a condition where ‘a’ toppest two bits value are set if (! (*a & 0xC000000)) random_init (time (NULL));//reinitialize //to avoid zero value after the shift also to give the strengthen no1

*a^= *b; SEED*= *a;//re-confuse…the strengthen no2 SEED<<=((*a%3)+4; //shift…the strengthen no2 If (*b==0)// avoid zero value random_init (time (NULL));// reinitialize return (*b); }

Conclusion
Many theoretical and numerical tests are available, but none can ever prove that an RNG is perfect. RNG is very important in IT industry; it is used in games, security, database, and a lot more. RNGs improve the integrity and security of cryptographic applications. The main idea about RNG is that it must generate a different value each time for about at least 50% of the size of the value, and if it can reach up to more than 75% of the size then it is very excellent program.

References:
1.Matsumoto, M.and Nishimura, T. (1998), "Mersenne - Twister: A 623Dimenionally Equidistributed Uniform Pseudo-Random Number Generator,". 2.Mauer, U., A Universal Statistical Test for Random Bit Generators. Advances in Cryptology- CRYPTO `90, Springer -verlag, 1990. 3.Press, William H.et al, "Numerical Recipes in C, second edition," 4.Implementation Guidance for FIPS PUB 140-1 and the Cryptographic Validation progarm, U.S.Department Of Commerce/ National Institute of standards Technology. Module and

Sign up to vote on this title
UsefulNot useful