entropy estimation on the basis
play

Entropy Estimation on the Basis Stochastic Model of a Stochastic - PowerPoint PPT Presentation

Dec 29, 2023 •184 likes •402 views

Entropy Estimation on the Basis of a Entropy Estimation on the Basis Stochastic Model of a Stochastic Model Werner Schindler Bundesamt f ur Sicherheit in der Werner Schindler Informations- technik Bundesamt f ur Sicherheit in der

  1. Entropy Estimation on the Basis of a Entropy Estimation on the Basis Stochastic Model of a Stochastic Model Werner Schindler Bundesamt f¨ ur Sicherheit in der Werner Schindler Informations- technik Bundesamt f¨ ur Sicherheit in der Informationstechnik (BSI) (BSI) Bonn, Germany Motivation and Background Presented by Peter Birkner The Stochastic Model Experiences with the AIS Gaithersburg, May 2, 2016 31 Conclusion

  2. Introduction Entropy Estimation on the Basis of a Stochastic Model Werner Motivation and Background Schindler Bundesamt Stochastic model f¨ ur Sicherheit in der Definition and objective Informations- technik Illustrating examples (BSI) Health tests (online tests) Motivation Experiences with the AIS 31 and Background Conclusion The Stochastic Model Experiences with the AIS 31 Conclusion

  3. NIST SP 800-90B [4] Entropy Estimation on the Basis of a Stochastic Model Werner Schindler Entropy estimation is the most critical part of a security Bundesamt f¨ ur Sicherheit evaluation of a physical RNG. in der Informations- Among others [4], Subsection 3.2.2, demands that the technik (BSI) documentation ... shall include a description of how the noise source works and rationale about why the noise Motivation and source provides acceptable entropy output,... Background The Stochastic Model Experiences with the AIS 31 Conclusion

  4. Entropy estimation Entropy Estimation on the Basis of a Stochastic Model Unfortunately, entropy cannot be measured like voltage Werner Schindler and temperature. Bundesamt f¨ ur Sicherheit Instead, entropy is a property of random variables. in der Informations- In the following we interpret random numbers as technik (BSI) realizations of (i.e. as values taken on by) random Motivation variables. and Background We present a field-tested method for the estimation of the The entropy of physical RNGs. Stochastic Model Experiences with the AIS 31 Conclusion

  5. Notation Entropy Estimation on the Basis of a Stochastic In the following we use the terminology of SP 800-90B [4]. Model In particular, Werner Schindler digitized data = data after the digitization of the analog Bundesamt f¨ ur Sicherheit signals in der raw data = data after (non-cryptographic) postprocessing Informations- technik (BSI) NOTE: In the literature also other definitions are widespread. In particular, Motivation and raw random numbers (or digitized analog signals) = data Background after digitization The internal random numbers = data after (non-cryptographic Stochastic Model / cryptographic) postprocessing Experiences with the AIS 31 Conclusion

  6. What is a stochastic model? Entropy Estimation on the Basis of a Stochastic Ideally, a stochastic model specifies a family of probability Model distributions, which contains the true (but unknown) Werner Schindler distribution of the raw data (interpreted as realizations of Bundesamt f¨ ur Sicherheit random variables). in der Informations- In a second step therefrom the (average gain of) entropy technik (BSI) per raw data bit is estimated. Motivation In most cases it is yet easier to develop and to verify a and Background stochastic model for the digitized data (or, alternatively, The for suitable ’auxiliary random variables’). Stochastic Model → entropy(digitized data) → entropy(raw data) Experiences with the AIS 31 Conclusion

  7. Example 1: Coin tossing Entropy Estimation on the Basis of a Stochastic Model A coin is tossed N times (’head’ c 1, ’tail’ c 0’). Werner Schindler We interpret the observed outcome x 1 , . . . , x N (= digitized Bundesamt f¨ ur Sicherheit data) of N coin tosses as realizations of random variables in der Informations- X 1 , . . . , X N . technik (BSI) The random variables X 1 , . . . , X N are assumed to be iid (independent and identically distributed). Motivation and Justification: A coin has no memory. Background The p := Prob ( X j = 1) ∈ [0 , 1] with unknown parameter p . Stochastic Model Experiences with the AIS 31 Conclusion

  8. Example 1: Entropy estimation Entropy Estimation on X 1 , . . . , X N are iid = ⇒ H ( X 1 , . . . , X N ) / N = H ( X 1 ) the Basis of a (= (average) entropy per coin toss) where Stochastic Model Werner H ( X 1 ) = − ( p log 2 ( p )+(1 − p ) log 2 (1 − p )) (Shannon entropy) Schindler Bundesamt f¨ ur Sicherheit in der Equivalently, H min ( X 1 , . . . , X N ) / N = H min ( X 1 ) with Informations- technik (BSI) H min ( X 1 ) = min {− log 2 ( p ) , − log 2 (1 − p ) } (min entropy) Motivation and Background x 1 + · · · + x N p := p (estimator for p ) The N Stochastic Model Substituting p p into the above formulae provides estimators Experiences with the AIS for the Shannon entropy and for the min entropy per coin 31 toss. Conclusion

  9. Example 1: Stochastic model Entropy Estimation on the Basis of a Stochastic Model A stochastic model is not a physical model. In Example 1 Werner Schindler a physical model would consider the impact of the start Bundesamt f¨ ur Sicherheit conditions and the mass distribution within the coin etc. in der Informations- on the trajectory. technik (BSI) It is much easier to develop and to verify a stochastic model than a physical model. Motivation and Background In our coin tossing example the stochastic model defines a The 1-parameter family of probability distributions. Stochastic Model Experiences with the AIS 31 Conclusion

  10. Real world RNGs Entropy Estimation on the Basis For real world physical RNGs the derivation of the of a Stochastic stochastic model is more complicated. The stochastic Model model should be confirmed by engineering arguments and Werner Schindler experiments. Bundesamt f¨ ur Sicherheit in der Typically, a stochastic model specifies a 1-, 2- or a Informations- technik 3-parameter family of distributions. (BSI) If the digitized data are not iid the increase of entropy per Motivation random bit has to be considered. and Background During the life cycle of the RNG the true distribution shall The Stochastic remain in the specified family of probability distributions, Model also if the quality of the random numbers goes down Experiences with the AIS ( → health tests). 31 Conclusion

  11. Example 2: Killmann, Schindler (CHES 2008)[6] Entropy Estimation on the Basis of a Stochastic Model Werner Schindler Bundesamt f¨ ur Sicherheit in der Abbildung: RNG with two noisy diodes, c.f. Fig. 1 in [6] Informations- technik (BSI) Stochastic model (for y 1 , y 2 , . . . ) Motivation and t n : time between the ( n − 1) th and the n th upcrossing Background The T 1 , T 2 , . . . is stationary (mild assumption) - . . . . . . - Stochastic Model Y 1 , Y 2 , . . . is stationary Experiences 2-parameter family of distributions (depends on the with the AIS 31 expectation and the generalized variance of T 1 ) Conclusion details: see [6]

  12. Example 3: Haddad, Fischer, Bernard, Nicolai [5] Entropy Estimation on the Basis of a Stochastic Model Source of randomness: transient effect ring oscillator Werner Schindler (TERO) Bundesamt f¨ ur Sicherheit Thorough analysis of the electric processes in the TERO in der Informations- structure technik (BSI) → stochastic model of the TERO Motivation → stochastic model of the complete RNG and Background Implementation of the RNG design on a 28 nm CMOS The ASIC Stochastic Model Experiences with the AIS 31 Conclusion

  13. Health tests (online tests) Entropy Estimation on the Basis of a Stochastic Model Health tests, which are universally effective for any RNG Werner design, do not exist. Schindler Bundesamt The health test (online test) should be tailored to the f¨ ur Sicherheit in der stochastic model. The health test should detect Informations- technik non-tolerable deficiencies of the random numbers (BSI) sufficiently soon. Motivation and Example 1: A monobit test would be suitable. Background If # ’1’s deviates significantly from sample size / 2 The Stochastic - indicator that p is (no longer) acceptable. Model Experiences with the AIS 31 Conclusion

  14. AIS 20 [1] / AIS 31 [2] Entropy Estimation on the Basis of a Stochastic Model In the German evaluation and certification scheme the Werner evaluation guidance documents Schindler Bundesamt AIS 20: Functionality Classes and Evaluation Methodology f¨ ur Sicherheit in der for Deterministic Random Number Generators Informations- technik AIS 31: Functionality Classes and Evaluation Methodology (BSI) for Physical Random Number Generators Motivation have been effective since 1999, resp. since 2001. and Background NOTE: The mathematical-technical reference [3] was The updated in 2011. Stochastic Model Experiences with the AIS 31 Conclusion

  15. Functionality classes Entropy Estimation on the Basis of a Stochastic Model Werner Schindler Bundesamt f¨ ur Sicherheit in der Informations- technik (BSI) Motivation and Background The Stochastic Model Experiences with the AIS 31 Conclusion

  16. Miscellaneous Entropy Estimation on the Basis The AIS 20 and the AIS 31 are technically neutral. of a Stochastic Model For physical RNGs (PTG.2, PTG.3) a stochastic model is Werner mandatory. The digitized data shall be stationary Schindler Bundesamt distributed. f¨ ur Sicherheit in der The applicant for a certificate and the security lab have to Informations- technik give evidence that the RNG meets the class-specific (BSI) requirements. Motivation and Further documents support the tasks of the developer and Background the evaluator. The Stochastic For sensitive applications the BSI prefers RNGs, which Model belong to the functionality classes PTG.3, DRG.4 or Experiences with the AIS DRG.3. 31 Conclusion

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of

Entropy, Relative Entropy, Cross Entropy Entropy Entropy, H(x) is a measure of the uncertainty of a discrete random variable. Properties: H(x) >= 0 Entropy Entropy Lesser the probability for an event, larger the entropy.

471 views • 21 slides
Maximum Entropy Inverse Reinforcement Learning Nomenclature Basis Feature Expectation Matching

Maximum Entropy Inverse Reinforcement Learning Nomenclature Basis Feature Expectation Matching

Maximilian Luz Algorithms for Imitation Learning Summer Semester 2019 MLR/IPVS Maximum Entropy Inverse Reinforcement Learning Nomenclature Basis Feature Expectation Matching Principle of Maximum Entropy Maximum Entropy IRL Algorithm and

479 views • 22 slides
Eff Efficient Entr icient Entropy opy Est Estimation imation for for Mutua Mutual l

Eff Efficient Entr icient Entropy opy Est Estimation imation for for Mutua Mutual l

Efficient entropy estimation for MIA using B-splines Eff Efficient Entr icient Entropy opy Est Estimation imation for for Mutua Mutual l Information Information Analys Analysis is using using B-splines splines Alexandre VENELLI IML

871 views • 25 slides
Entropy and The Second Law of Thermodynamics Entropy (S)

Entropy and The Second Law of Thermodynamics Entropy (S)

Entropy and The Second Law of Thermodynamics Entropy (S) Entropy is o8en related to disorder but not strictly correct Entropy is a measure

351 views • 8 slides
Formal Modeling in Cognitive Science Lecture 25: Entropy, Joint Entropy, Conditional Entropy 1

Formal Modeling in Cognitive Science Lecture 25: Entropy, Joint Entropy, Conditional Entropy 1

Entropy Entropy Formal Modeling in Cognitive Science Lecture 25: Entropy, Joint Entropy, Conditional Entropy 1 Entropy Entropy and Information Joint Entropy Frank Keller Conditional Entropy School of Informatics University of Edinburgh

81 views • 4 slides
A comparison of algorithms for maximum entropy parameter estimation Robert Malouf

A comparison of algorithms for maximum entropy parameter estimation Robert Malouf

A comparison of algorithms for maximum entropy parameter estimation Robert Malouf Alfa-Informatica Rijksuniversiteit Groningen Postbus 716 9700AS Groningen The Netherlands malouf@let.rug.nl Draft of May 15, 2002 Abstract representations is

103 views • 9 slides
Two problems from neural data analysis: Sparse entropy estimation and efficient adaptive

Two problems from neural data analysis: Sparse entropy estimation and efficient adaptive

Two problems from neural data analysis: Sparse entropy estimation and efficient adaptive experimental design Liam Paninski Department of Statistics and Center for Theoretical Neuroscience Columbia University http://www.stat.columbia.edu/

702 views • 38 slides
Predictive Models for Min-Entropy Estimation John Kelsey Kerry A. McKay Meltem S onmez Turan

Predictive Models for Min-Entropy Estimation John Kelsey Kerry A. McKay Meltem S onmez Turan

Predictive Models for Min-Entropy Estimation John Kelsey Kerry A. McKay Meltem S onmez Turan National Institute of Standards and Technology meltem.turan@nist.gov September 15, 2015 Kelsey, McKay, Turan Predictive Models for Min-Entropy

645 views • 33 slides
Entropy Rate Estimation for Markov Chains with Large State Space Yanjun Han Stanford EE Jiantao

Entropy Rate Estimation for Markov Chains with Large State Space Yanjun Han Stanford EE Jiantao

Entropy Rate Estimation for Markov Chains with Large State Space Yanjun Han Stanford EE Jiantao Jiao Berkeley EECS ChuanZheng Lee Stanford EE Tsachy Weissman Stanford EE Yihong Wu Yale Stats Tiancheng Yu Tsinghua EE NIPS 2018,

802 views • 23 slides
Entropy Coding Definition of Entropy Three Entropy coding techniques: (taken from the

Entropy Coding Definition of Entropy Three Entropy coding techniques: (taken from the

Outline Entropy Coding Definition of Entropy Three Entropy coding techniques: (taken from the Technion) Huffman coding Arithmetic coding Lempel-Ziv coding 2 Entropy Definitions Alphabet : A finite set containing at least

402 views • 10 slides
Estimation of concentration and fluxes of passive gases on the basis of data assimilation system

Estimation of concentration and fluxes of passive gases on the basis of data assimilation system

Institute of Computational Technologies of the Siberian Branch of the Russian Academy of Sciences 6 Acad. Lavrentjev avenue 630090 Novosibirsk Estimation of concentration and fluxes of passive gases on the basis of data assimilation system

535 views • 16 slides
Road detection via entropy By Anna Zaidman 1 1 What is entropy? Entropy is a mathematically

Road detection via entropy By Anna Zaidman 1 1 What is entropy? Entropy is a mathematically

Road detection via entropy By Anna Zaidman 1 1 What is entropy? Entropy is a mathematically - defined thermodynamic quantity that helps to account for the flow of energy through a thermodynamic process. 2 What is

467 views • 13 slides
Estimating the Value of Information Ohad Kadan and Asaf Manela Washington University in St. Louis

Estimating the Value of Information Ohad Kadan and Asaf Manela Washington University in St. Louis

Intro Theory Estimation Results Robustness Entropy and RE Conclusion Estimating the Value of Information Ohad Kadan and Asaf Manela Washington University in St. Louis May 2018 Intro Theory Estimation Results Robustness Entropy and RE

920 views • 62 slides
E N T R O P Y S T R U C T U R E Entropy versus resolution Tomasz Downarowicz MOTIVATION

E N T R O P Y S T R U C T U R E Entropy versus resolution Tomasz Downarowicz MOTIVATION

E N T R O P Y S T R U C T U R E Entropy versus resolution Tomasz Downarowicz MOTIVATION Entropy measures exponential complexity in a topological dynamical system: topological entropy very crude, entropy function on invariant

556 views • 23 slides
Chapter 2 Entropy, Relative Entropy, and Mutual Infor- mation Peng-Hua Wang Graduate Institute

Chapter 2 Entropy, Relative Entropy, and Mutual Infor- mation Peng-Hua Wang Graduate Institute

Chapter 2 Entropy, Relative Entropy, and Mutual Infor- mation Peng-Hua Wang Graduate Institute of Communication Engineering National Taipei University Chapter Outline Chap. 2 Entropy, Relative Entropy, and Mutual Information 2.1 Entropy 2.2

752 views • 51 slides
Huffman Encoding 13-Oct-11 Entropy Entropy is a measure of information content: the number of

Huffman Encoding 13-Oct-11 Entropy Entropy is a measure of information content: the number of

Huffman Encoding 13-Oct-11 Entropy Entropy is a measure of information content: the number of bits actually required to store data. Entropy is sometimes called a measure of surprise A highly predictable sequence contains little actual

293 views • 16 slides
Entropy as a Service Unlocking the full potential of cryptography Apostol Vassilev Robert

Entropy as a Service Unlocking the full potential of cryptography Apostol Vassilev Robert

Entropy as a Service Unlocking the full potential of cryptography Apostol Vassilev Robert Staples STVM/CSD/NIST A perspective: cryptography evolves very fast to provide security in cyberspace Emerging crypto technologies - lightweight crypto

199 views • 17 slides
the EMFF programme ENTREFISH Final Workshop 26 th February 2019, Brussels What is EASME?

the EMFF programme ENTREFISH Final Workshop 26 th February 2019, Brussels What is EASME?

Supporting Blue Careers through the EMFF programme ENTREFISH Final Workshop 26 th February 2019, Brussels What is EASME? Evaluation Four areas of action: Grant Agreement Preparation SME support Project Environment follow-up

265 views • 10 slides
Technology Centre Systems e Systems Programme (TCSP) An initiative of Ministry Ministry of MSME

Technology Centre Systems e Systems Programme (TCSP) An initiative of Ministry Ministry of MSME

Technology Centre Systems e Systems Programme (TCSP) An initiative of Ministry Ministry of MSME Government ernment of India Journey so far First Technology Centre at Hyderabad in 1969 1969 18 existing TCs operating in a self

235 views • 9 slides
Entrepreneurial Creativity in the City Darja Reuschke with Donald Houston (University of

Entrepreneurial Creativity in the City Darja Reuschke with Donald Houston (University of

www.workandhome.ac.uk Entrepreneurial Creativity in the City Darja Reuschke with Donald Houston (University of Portsmouth) and Jed Long (UWO) ERC Starting Grant 639403 WORKANDHOME Cities, creativity, innovation Small establishments

195 views • 19 slides
Thermodynamics Slide 3 / 93 Chemical Thermodynamics The Golden Gate Bridge is painted regularly

Thermodynamics Slide 3 / 93 Chemical Thermodynamics The Golden Gate Bridge is painted regularly

Slide 1 / 93 Slide 2 / 93 Thermodynamics Slide 3 / 93 Chemical Thermodynamics The Golden Gate Bridge is painted regularly to slow down the inevitable rusting of the iron on the bridge. In this unit you will study how heat and temperature

882 views • 31 slides
Stochastic Thermodynamics of Langevin systems under time-delayed feedback control M.L. Rosinberg

Stochastic Thermodynamics of Langevin systems under time-delayed feedback control M.L. Rosinberg

New Frontiers in Non-equilibrium Physics 2015 Stochastic Thermodynamics of Langevin systems under time-delayed feedback control M.L. Rosinberg in coll. with T. Munakata (Kyoto), and G. Tarjus (Paris) LPTMC, CNRS and Universit. P. et M.

326 views • 29 slides
Entropy and sustainable investment beliefs: A simple metric for analysing belief organisation Dane

Entropy and sustainable investment beliefs: A simple metric for analysing belief organisation Dane

Entropy and sustainable investment beliefs: A simple metric for analysing belief organisation Dane Rook University of Oxford D.Phil. Researcher, Geography & the Environment dane.p.rook@ouce.ox.ac.uk [How] can investors make long term

419 views • 16 slides
Musings on the Logistic Map Shane Celis and Yun Tao PHY 256 Hypothesis Entropy rate

Musings on the Logistic Map Shane Celis and Yun Tao PHY 256 Hypothesis Entropy rate

Musings on the Logistic Map Shane Celis and Yun Tao PHY 256 Hypothesis Entropy rate measures randomness Lyapunov exponent measures randomness Is there a relationship between the two? Perhaps theres a functional form something

203 views • 16 slides

More recommend