Course: Principles Of Information Security Spring 2022

Theoretical Foundation Of the code

Prepared by: Punit Sharma

1 Abstract
In this assignment we have to implement various cryptography / encryption tools, like hashing,
random number generator, collision resistant hash function and other.

Figure 1: Tasks

2 Introduction

Random Number Generation

1
 In cryptography randomness is important because it removes any reasoning and therefore any pre-
dictability.

The difference between True Random and Pseudo-random Pseudo-random :

Most standard libraries for random number generation will produce pseudo-random numbers.
These are numbers that satisfy at least one test for randomness but are generated by a deter-
ministic causal process. This ultimately means that they are not true random numbers because
the process will produce the same set of ‘random’ numbers in each run.All that would be needed
for an attacker to attain the pseudo-random numbers used in encryption is the algorithm used for
generating the numbers and the initial input passed to that algorithm (also called ”seed”).

Randomness is used to obscure links between keys and messages and to remove any pattern in
choices of secure numbers. The fact that most computerized random number generators are de-
terministic means that the numbers generated come from a finite pool and will ultimately at some
point repeat and follow some pattern. Recognition of this pattern renders the so-called random
number generation non-random to those with information on the system.

Why do we need Random Numbers:

The importance of random numbers is not in the number itself (they are common numbers, if
taken individually) but in the way they are generated.
Modern technology is based on these numbers: communication protocols, cryptography, games do
heavily usage of them and their whole security and unpredictability depend on them.

3 Pseudo Random Generators and Pseudo Random Function

PRG (Pseudo Random Generator):
You probably know the difference between stream and block cipher. One of the main differences
between them is key size. Stream ciphers require the key to be of equal length of greater than the
plaintext , whereas Block Ciphers take a key smaller than the PT and is then expanded. This is
the PRG:

Given an initial seed, a PRNG produces a sequence of bit indistinguishable from a sequence pro-
duced by a real random source.

with l as a monotonically increasing function. That means the output is always longer than the
input (seed).
Starting from a simple PRNG H:

2
Figure 2: The PRG expands the seed

Figure 3: The PRG expands the seed

Figure 4: The PRG expands the seed

3
it is possible to build any PRNG in the form of G as follows:

Figure 5:

where x · (lambda of i) is a bit string, result of the concatenation between the bit string x and the
single bit . The H function generates a one bit longer sequence from the initial seed. By calling the
H function l(k) times and taking just the last bit from each iteration, we have generated a sequence
of l(k) bits. Obviously this function is G.

H function as one-way permutation

Choosing H as a one-way permutation it’s a good idea. H is a one-way permutation if it’s hard to
invert: given y, it’s difficult to calculate x such that H(x) = y.

4
 Figure 6:

A well known and widely used one-way permutation is the modular exponentiation. Given a prime
number p and an integer x such that 0 ¡ x ¡ p-1,

Building the PRG

Now we can build a good PRNG based on the definition we gave of H and G. G is a function
(actually the PRNG itself) that, given a kbit-string in input, outputs a l(k)bit-string and no ran-
domised algorithm can say if the string produced is generated by a real random source or not; H
is a function that helps to find those pseudorandom bit.

Figure 7:

Figure 8:

5
Using PRF to build CBC MAC

Figure 9: Mathematical description

Figure 10: