On the Design of LIL Tests for (Pseudo) Random Generators and Some Experimental Results

NIST SP800-22 (2010) proposes the state of art testing suite for (pseudo) random generators to detect deviations of a binary sequence from randomness. On the one hand, as a counter example to NIST SP800-22 test suite, it is easy to construct functions that are considered as GOOD pseudorandom generators by NIST SP800-22 test suite though the output of these functions are easily distinguishable from the uniform distribution. Thus these functions are not pseudorandom generators by definition. On the other hand, NIST SP800-22 does not cover some of the important laws for randomness. Two fundamental limit theorems about random binary strings are the central limit theorem and the law of the iterated logarithm (LIL). Several frequency related tests in NIST SP800-22 cover the central limit theorem while no NIST SP800-22 test covers LIL. This paper proposes techniques to address the above challenges that NIST SP800-22 testing suite faces. Firstly, we propose statistical distance based testing techniques for (pseudo) random generators to reduce the above mentioned Type II errors in NIST SP800-22 test suite. Secondly, we propose LIL based statistical testing techniques, calculate the probabilities, and carry out experimental tests on widely used pseudorandom generators by generating around 30TB of pseudorandom sequences. The experimental results show that for a sample size of 1000 sequences (2TB), the statistical distance between the generated sequences and the uniform distribution is around 0.07 (with $0$ for statistically indistinguishable and $1$ for completely distinguishable) and the root-mean-square deviation is around 0.005

Verified Correctness and Security of mbedTLS HMAC-DRBG

We have formalized the functional specification of HMAC-DRBG (NIST 800-90A), and we have proved its cryptographic security--that its output is pseudorandom--using a hybrid game-based proof. We have also proved that the mbedTLS implementation (C program) correctly implements this functional specification. That proof composes with an existing C compiler correctness proof to guarantee, end-to-end, that the machine language program gives strong pseudorandomness. All proofs (hybrid games, C program verification, compiler, and their composition) are machine-checked in the Coq proof assistant. Our proofs are modular: the hybrid game proof holds on any implementation of HMAC-DRBG that satisfies our functional specification. Therefore, our functional specification can serve as a high-assurance reference.Comment: Appearing in CCS '1

Linear solutions for cryptographic nonlinear sequence generators

This letter shows that linear Cellular Automata based on rules 90/150 generate all the solutions of linear difference equations with binary constant coefficients. Some of these solutions are pseudo-random noise sequences with application in cryptography: the sequences generated by the class of shrinking generators. Consequently, this contribution show that shrinking generators do not provide enough guarantees to be used for encryption purposes. Furthermore, the linearization is achieved through a simple algorithm about which a full description is provided