Pseudorandom Number generators

Randomness and Security
• Many cryptographic protocols require the
parties to generate random numbers.
• All the hashing algorithms that encrypt their
inputs use a second random input known as a
seed.
TRNG & PRNG
We can distinguish two different kinds of random number
generation:
• True random number generator (TRNG): A TRNG generates bits
that are distributed uniformly at random, so that all outputs are
equally likely, and with no patterns, correlations, etc.
– Coin flip
• Cryptographically secure pseudorandom number generator
(CS-PRNG): A CS-PRNG generates a sequence of bits that
appear, as far as anyone can tell, to be indistinguishable from
true random bits.
– Uses a true-random seed.
– CS-PRNGs use cryptographic techniques to achieve their task.
Random Number generation
In most systems the random number generation process is
structured as follows:
• 1. Generate a seed: We typically use a TRNG to generate a
short seed that is truly random. The seed only needs to be
long enough to prevent someone from guessing it (e.g. 128
bits).
Examples: a high-speed clock, a sound card, keyboard input, disk timings
• 2. Generate pseudorandom output, using this seed: We
then use a CS-PRNG to stretch the seed to a long
pseudorandom output. Modern cryptographic CS-PRNGs
can generate an essentially unlimited amount of
output (billions of bits are no problem).
LFSR: Linear Feedback Shift Register

Example: 4-bit LFSR
[Figure: 4-bit shift register with cells b0, b1, b2, b3; the output bit is added to the pseudo-random sequence]
• The seed is the initial state
– For example, if the seed is 1001, the generated
sequence is 1001101011110001001…
• Repeats after 15 bits (2^4 - 1)
Generation of Pseudorandom number
• Each call to rand() returns a pseudorandom
value in the range 0 to RAND_MAX, calculated as
a deterministic function of the seed. Also,
srand(s) sets the seed to s.
v1 = rand() % 100; // v1 in the range 0 to 99
v2 = rand() % 100 + 1; // v2 in the range 1 to 100
v3 = rand() % 30 + 1985; // v3 in the range 1985-2014
Generation of Pseudorandom number
• what is wrong with the following code?
Answer
• Anyone who guesses the time at which the key was generated can apply the very same
algorithm to infer each of the bytes of the key.
– For instance, if Alice generates a new session key at the start of each session using this code,
then anyone who eavesdrops on a session will probably be able to determine the time of day
on Alice's machine at the start of the session (and hence the seed passed to srand()) and
then decrypt everything that is encrypted using this session key.
– Even if the eavesdropper doesn't know at what time the key was generated, there just aren't
that many possibilities. For instance, suppose we know the key was generated this year.
There are 3600 × 24 × 365 = 31536000 ≈ 2^25 seconds in a year. This means that, if I can
narrow down when the key was generated to within a one-year window, then there are only
2^25 possible values for the seed passed to srand().
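The weakness described in this answer, as an added example that is not code from the original slides: a key derived from a time-based srand() seed is reproduced by replaying the same algorithm over a window of timestamps, while a key read from the OS CSPRNG is not. The helper names weak_key, seed_in_window and strong_key, the 16-byte key length and the timestamp are constructed for illustration, and the hardened form assumes a Unix-like system with /dev/urandom.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define KEY_LEN 16

/* Weak pattern (constructed): each key byte is a function of the seed only. */
static void weak_key(unsigned seed, uint8_t *key) {
    srand(seed);
    for (int i = 0; i < KEY_LEN; i++)
        key[i] = (uint8_t)(rand() % 256);
}

/* Replays the same algorithm for every timestamp in [from, to].
   Returns 1 and stores the seed if one reproduces `key`, otherwise 0. */
static int seed_in_window(const uint8_t *key, unsigned from, unsigned to,
                          unsigned *seed) {
    uint8_t trial[KEY_LEN];
    for (unsigned t = from; t <= to; t++) {
        weak_key(t, trial);
        if (memcmp(trial, key, KEY_LEN) == 0) {
            *seed = t;
            return 1;
        }
        if (t == to) break;            /* no wraparound at UINT_MAX */
    }
    return 0;
}

/* Hardened form: key bytes come from the OS CSPRNG (assumes /dev/urandom). */
static int strong_key(uint8_t *key) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL) return -1;
    size_t n = fread(key, 1, KEY_LEN, f);
    fclose(f);
    return n == KEY_LEN ? 0 : -1;
}

int main(void) {
    const unsigned t0 = 1700000000u;   /* constructed sample timestamp */
    uint8_t weak[KEY_LEN], fresh[KEY_LEN];
    unsigned seed = 0;
    weak_key(t0, weak);
    if (seed_in_window(weak, t0 - 3600, t0 + 3600, &seed))
        printf("weak key reproduced from seed %u\n", seed);
    if (strong_key(fresh) == 0 &&
        !seed_in_window(fresh, t0 - 3600, t0 + 3600, &seed))
        puts("OS-generated key matches no timestamp in the window");
    return 0;
}
```

The two-hour window keeps the run short; the one-year window from the answer is the same loop over about 2^25 candidates.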
Generation of Pseudorandom number
• Output:
57737356428231084460
06395980181538576168
74585027253648420685
72192873875538192617
91357661884728081140
• The frequency of each symbol is almost the same.
• The frequency of each pair of symbols is roughly the same.
Is It Really Random?
• Statistical uniformity is not the same as
unpredictability.
• In general it is hard to measure randomness.
• There are some tests.
• One example is the NIST test suite.
Graphical password
The Brain Deals with Faces Differently than Any Other Image
Face recognition is a dedicated process which is different from general object recognition.
Source: Face Recognition: A Literature Survey.
National Institute of Standards and Technology
Passface
• There is a demo:
http://www.passfaces.com/demo/registered_page.php
Empirical Results
• Experimental study of 154 computer science
students at Johns Hopkins and Carnegie Mellon
• Conclusions:
– “… faces chosen by users are highly affected by the face
of the user… the gender and attractiveness of the faces
bias password choice… In the case of male users, we
found this bias so severe that we do not believe it
possible to make this scheme secure against an online
attack…”
• 2 guesses enough for 10% of male users
• 8 guesses enough for 25% of male users
User Quotes
• “I chose the images of the ladies which appealed
the most”
• “I simply picked the best lookin girl on each page”
• “In order to remember all the pictures for my login
(after forgetting my ‘password’ 4 times in a row) I
needed to pick pictures I could EASILY remember...
So I chose beautiful women. The other option I
would have chosen was handsome men, but the
women are much more pleasing to look at”
WebScarab
• https://www.owasp.org/index.php/WebScarab_Getting_Started