RANDOM NUMBER GENERATION (SOFTWARE): Two kinds of software random number generators - PowerPoint PPT Presentation



SLIDE 1

A COMPARISON OF PSEUDORANDOM NUMBER GENERATORS

Riivo Talviste, 3rd Conference on Advanced Topics in Telecommunication, Aug 14 – 15, 2009

SLIDE 2

INTRODUCTION

- Cryptography in everyday life
  - E-banking
  - Estonian ID-card

2

SLIDE 3

ISSUES

- Security
  - Good algorithms
  - Weak random number generators (RNGs)
- Performance
  - RNG has to be fast enough
  - Embedded systems
  - Non-specialized hardware

3

SLIDE 4

CONTRIBUTION

- Analyse pseudorandom number generator libraries
  - Security
  - Performance

4

SLIDE 5

RANDOM NUMBER GENERATION

- Measure physical phenomena
  - Radioactive decay
  - Radio waves from space
  - Special hardware needed
- With non-specialized hardware
  - Require low-level access to device drivers
  - Operating systems provide these RNGs
  - /dev/random and /dev/urandom in Linux
  - CryptoAPI in Windows

5
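The operating-system generators named on this slide are what a library's self-seeding generator draws its seed from. The C++ snippet below is an added example, not code from the presentation or from Crypto++ or OpenSSL: it reads seed material from /dev/urandom (a POSIX system with that device is assumed) and treats a missing device or a short read as a hard error, because a generator that is silently seeded with fewer bytes than intended degrades into the weak-seed case the later slides warn about.

```cpp
// Added example (not from the slides): read bytes from the Linux OS RNG
// (/dev/urandom), the source a self-seeding library generator would use.
// Assumes a POSIX system that exposes /dev/urandom.
#include <cstddef>
#include <cstdint>
#include <fstream>
#include <iostream>
#include <stdexcept>
#include <vector>

// Fill a buffer from /dev/urandom. Throws if the device is missing or a
// short read occurs, rather than returning a partly filled buffer whose
// remaining bytes are zero and therefore predictable.
std::vector<std::uint8_t> os_random_bytes(std::size_t n) {
    std::ifstream dev("/dev/urandom", std::ios::binary);
    if (!dev) throw std::runtime_error("cannot open /dev/urandom");
    std::vector<std::uint8_t> buf(n);
    dev.read(reinterpret_cast<char*>(buf.data()), static_cast<std::streamsize>(n));
    if (static_cast<std::size_t>(dev.gcount()) != n)
        throw std::runtime_error("short read from /dev/urandom");
    return buf;
}

// Turn four OS-provided bytes into one 32-bit seed value for a deterministic
// generator (the seeding step that later slides describe). The value itself
// is only as unpredictable as the OS pool it came from.
std::uint32_t seed_from_os() {
    std::vector<std::uint8_t> b = os_random_bytes(4);
    return static_cast<std::uint32_t>(b[0]) |
           (static_cast<std::uint32_t>(b[1]) << 8) |
           (static_cast<std::uint32_t>(b[2]) << 16) |
           (static_cast<std::uint32_t>(b[3]) << 24);
}

int main() {
    std::vector<std::uint8_t> sample = os_random_bytes(16);
    std::cout << std::hex;
    for (std::uint8_t v : sample) std::cout << static_cast<int>(v) << ' ';
    std::cout << "\nseed: " << seed_from_os() << '\n';
    return 0;
}
```

On Windows the equivalent source is CryptoAPI (CryptGenRandom) rather than a device file; the error-handling rule is the same: a failed call must abort seeding, never fall through to a default seed.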

SLIDE 6

RANDOM NUMBER GENERATION (SOFTWARE)

- Two kinds of software random number generators:
  - Deterministic random bit generators, aka pseudorandom number generators (PRNGs)
  - Non-deterministic random bit generators, aka “true” random number generators
- National Institute of Standards and Technology:
  - Several approved PRNGs
  - No approved “true” RNGs

6

SLIDE 7

PSEUDORANDOM NUMBER GENERATOR SEED

- Security depends on the seed, a piece of data with enough entropy
- The seed is the initial value that is used to calculate all subsequent values
- The seed has to be chosen carefully

7

SLIDE 8

TESTING ENVIRONMENT

- Tests for each PRNG
  - Written in C++
  - Generate 1 MB of random data
  - Run 100 times, calculate average
- Environment
  - Intel Core Duo CPU @ 1.83 GHz
  - 2 GB RAM
  - 32-bit Windows 7 RC
  - Cygwin 1.7
    - With GCC 4.3.2

8
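The measurement loop these bullets describe, written out as an added C++ example that is not the author's test code: a generator callback fills a 1 MB buffer, the fill is repeated `runs` times, and the mean wall-clock time is reported in milliseconds. Only rand() is wired up, to keep the example self-contained; a Crypto++ or OpenSSL generator would be passed in the same way. The numbers it prints depend on the machine and will not match the slides.

```cpp
// Added example (not the author's benchmark): timing harness in the shape
// the slides describe. Generator under test is passed as a callback.
#include <chrono>
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <functional>
#include <iostream>
#include <vector>

constexpr std::size_t kOneMiB = 1024 * 1024;

struct BenchResult {
    std::size_t bytes_per_run;  // buffer size filled on each run
    unsigned runs;              // number of repetitions averaged
    double avg_ms;              // mean wall-clock time per run, milliseconds
};

// Time fill(buf) over `runs` iterations on a buffer of `bytes` bytes.
// The buffer is allocated once, so only generation is inside the timed region.
BenchResult benchmark_prng(const std::function<void(std::vector<std::uint8_t>&)>& fill,
                           std::size_t bytes, unsigned runs) {
    std::vector<std::uint8_t> buf(bytes);
    double total_ms = 0.0;
    for (unsigned r = 0; r < runs; ++r) {
        auto t0 = std::chrono::steady_clock::now();
        fill(buf);
        auto t1 = std::chrono::steady_clock::now();
        total_ms += std::chrono::duration<double, std::milli>(t1 - t0).count();
    }
    return BenchResult{bytes, runs, runs ? total_ms / runs : 0.0};
}

// One byte per rand() call, the way a naive caller would use the C library
// generator from the next slide. Fast, but not a CSPRNG.
void fill_with_rand(std::vector<std::uint8_t>& buf) {
    for (std::uint8_t& b : buf) b = static_cast<std::uint8_t>(std::rand() & 0xFF);
}

int main() {
    std::srand(12345);  // fixed seed: the benchmark only measures speed
    BenchResult r = benchmark_prng(fill_with_rand, kOneMiB, 100);
    std::cout << "rand(): " << r.bytes_per_run << " bytes x " << r.runs
              << " runs, avg " << r.avg_ms << " ms\n";
    return 0;
}
```

Using steady_clock rather than system_clock keeps the measurement immune to wall-clock adjustments during a long run; averaging over many runs smooths out scheduler noise, which is why the slides use 100 repetitions.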

SLIDE 9

C++ BUILT-IN RANDOM

- rand() declared in stdlib.h
- Returns an integer between 0 and RAND_MAX (RAND_MAX ≥ 32767)
- srand() used to seed the PRNG
- Not cryptographically secure
- Generates 1 MB of random data in 2.77 ms

9

SLIDE 10

CRYPTO++ LIBRARY

- Open source C++ class library
- Includes several PRNGs
- Version 5.6.0
- Compiled under Cygwin with GCC 4.3.2

10

SLIDE 11

CRYPTO++ LC_RNG

- Linear congruential generator
- Not usable for cryptographic purposes
- Generates 1 MB of random data in 31.58 ms

11
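Slides 7, 9 and 11 make three related points: the seed determines the entire output stream, rand() is not cryptographically secure, and a linear congruential generator such as Crypto++'s LC_RNG is not either. The added C++ example below, not from the presentation or from Crypto++, implements a textbook LCG with the widely published Numerical Recipes constants (a = 1664525, c = 1013904223, modulus 2^32, an assumption made for illustration; Crypto++'s own parameters are not stated on the slides) and shows both facts: two generators with the same seed produce identical streams, and the low output bits repeat with a tiny period that any statistical test battery flags immediately.

```cpp
// Added example (not from the slides or from Crypto++): a textbook LCG used
// to show why the seed is the whole secret and why power-of-two-modulus LCGs
// fail statistical tests on their low bits.
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <vector>

class Lcg {
public:
    explicit Lcg(std::uint32_t seed) : state_(seed) {}
    // x_{n+1} = (a * x_n + c) mod 2^32; the modulus is the uint32_t wraparound.
    // Constants are the Numerical Recipes parameters (assumed for illustration).
    std::uint32_t next() {
        state_ = 1664525u * state_ + 1013904223u;
        return state_;
    }
private:
    std::uint32_t state_;
};

// Produce n outputs from a seed. Two calls with the same seed return identical
// vectors: anyone who learns or guesses the seed knows every future value,
// which is why slide 7 demands enough entropy in it.
std::vector<std::uint32_t> lcg_stream(std::uint32_t seed, std::size_t n) {
    Lcg g(seed);
    std::vector<std::uint32_t> out;
    out.reserve(n);
    for (std::size_t i = 0; i < n; ++i) out.push_back(g.next());
    return out;
}

// Find the period of output bit `bit` (smallest p <= max_period such that the
// bit sequence equals itself shifted by p). With a power-of-two modulus, bit k
// has period at most 2^(k+1): bit 0 simply alternates. A CSPRNG shows no such
// structure in any bit. Returns 0 if no period up to max_period is found.
std::size_t lcg_bit_period(std::uint32_t seed, unsigned bit, std::size_t max_period) {
    std::vector<std::uint32_t> s = lcg_stream(seed, 4 * max_period);
    for (std::size_t p = 1; p <= max_period; ++p) {
        bool periodic = true;
        for (std::size_t i = 0; i + p < s.size(); ++i) {
            if (((s[i] >> bit) & 1u) != ((s[i + p] >> bit) & 1u)) {
                periodic = false;
                break;
            }
        }
        if (periodic) return p;
    }
    return 0;
}

int main() {
    std::vector<std::uint32_t> a = lcg_stream(42, 5), b = lcg_stream(42, 5);
    std::cout << "same seed, same stream: " << (a == b ? "yes" : "no") << '\n';
    for (unsigned bit = 0; bit < 4; ++bit)
        std::cout << "period of bit " << bit << ": " << lcg_bit_period(42, bit, 64) << '\n';
    return 0;
}
```

Taking the output modulo a small number, as callers of rand() commonly do, uses exactly these low bits, so the defect is not merely theoretical; a security review should treat any LCG or rand() feeding keys, nonces or tokens as a finding regardless of how the seed was chosen.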

SLIDE 12

CRYPTO++ RANDOMPOOL

- Does not usually produce secure random numbers
- After calling IncorporateEntropy() generates cryptographically secure random data
  - Method not available in every environment
- Generates 1 MB of random data in 2 437.57 ms

12

SLIDE 13

CRYPTO++ AUTOSEEDEDRANDOMPOOL

- Seeds itself with the operating system provided RNG
- Can use both blocking and non-blocking RNGs
- Generates cryptographically secure random values
- Generates 1 MB of random data in 2 408.62 ms

13

SLIDE 14

CRYPTO++ AUTOSEEDEDX917RNG

- PRNG from ANSI X9.17 Appendix C
- Seeded with the operating system provided PRNG
- Suitable for cryptographic use
- Can use different block ciphers
- Generates 1 MB of random data in
  - 3 724.85 ms with DES cipher
  - 2 386.19 ms with Rijndael (AES) cipher

14

SLIDE 15

OPENSSL LIBRARY

- Open source toolkit
- Implements Secure Socket Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols
- Version 0.9.8k, precompiled for Cygwin

15

SLIDE 16

OPENSSL RAND_BYTES

- RAND_pseudorandom_bytes() → not for cryptographic use
- RAND_bytes() → for cryptographic use
- Entropy level can be increased by
  - Mixing memory into the entropy pool
  - Collecting entropy from Windows events or screen contents
- Generates 1 MB of random data in 2 929.63 ms

16

SLIDE 17

SNOW 2

- Stream cipher
- Cryptographically secure
  - In theory not as secure as block ciphers
- Generates 1 MB of random data in 6.64 ms

17

SLIDE 18

PRNG PERFORMANCE TEST RESULTS

PRNG name                                  Avg. time (ms)
C++ rand()                                           2.77
Crypto++ LC_RNG                                     31.58
Crypto++ RandomPool                              2 437.57
Crypto++ AutoSeededRandomPool                    2 408.62
Crypto++ AutoSeededX917RNG with DES              3 724.85
Crypto++ AutoSeededX917RNG with Rijndael         2 386.19
OpenSSL RAND_bytes()                             2 929.63
SNOW 2                                               6.64

18

SLIDE 19

THE SHAREMIND FRAMEWORK

- Distributed virtual machine
- Allows multiparty computation on secret shared data
- Three independent data-miners
  - Communicate over the network, using a special protocol
  - Almost all messages are encrypted

19

SLIDE 20

MULTIPLICATION (X9.17 RNG)

20

[Chart: Time (ms), y-axis 100–900, against vector size, x-axis 10 000–100 000; series: Other, Random, Waiting, InQueue, OutQueue]

SLIDE 21

MULTIPLICATION (SNOW 2)

21

[Chart: Time (ms), y-axis 100–900, against vector size, x-axis 10 000–100 000; series: Other, Random, Waiting, InQueue, OutQueue]

SLIDE 22

COMPARISON OF AES AND SNOW 2

22

[Chart: Time (ms), y-axis 100–900, against vector size, x-axis 10 000–100 000; series: AES, SNOW 2]

SLIDE 23

CONCLUSION

- Cryptography is used in our everyday life
- More secure PRNGs take more time
- Applications that make intensive use of random number generators should use hardware security modules

23