6 research outputs found

    The Linux Pseudorandom Number Generator Revisited

    Deposited on the Cryptology ePrint Archive (http://eprint.iacr.org/). The Linux pseudorandom number generator (PRNG) is a PRNG with entropy inputs which is widely used in many security related applications and protocols. This PRNG is written as an open source code which is subject to regular changes. It was last analyzed in the work of Gutterman et al. in 2006 [GPR06] but since then no new analysis has been made available, while in the meantime several changes have been applied to the code, among others, to counter the attacks presented in [GPR06]. Our work describes the Linux PRNG of kernel versions 2.6.30.7 and upwards. We detail the PRNG architecture in the Linux system and provide its first accurate mathematical description and a precise analysis of the building blocks, including entropy estimation and extraction. Subsequently, we give a security analysis including the feasibility of cryptographic attacks and an empirical test of the entropy estimator. Finally, we underline some important changes to the previous versions and their consequences.

    Study of Threshold Switching behavior of Pt/HfO2/TiN cell and its application in True Random Number Generator

    Thesis (Master's) -- Seoul National University Graduate School: College of Engineering, Department of Materials Science and Engineering, August 2019. Cheol Seong Hwang. Novel technologies like the Internet of Things (IoT) raise security concerns because of the sensitive information they will handle. This gives the random number generator an important role in the protection of privacy, since it can create a unique signature for each party. The reliability of this kind of authentication depends heavily on how random the generator is. A pseudo-random number generator (PRNG) usually depends strongly on its algorithm or code, which makes it easy to attack; in particular, the sequences it generates can be predicted from the seed value fed into the generator at the start. This makes the true random number generator (TRNG) central to information security. A memristor can show resistive switching behavior under proper bias conditions; however, its nonuniformity has hindered its adoption as a next-generation memory. This variability in switching performance results from stochastic physical characteristics and other complex mechanisms. The Pt/HfO2/TiN memristor shows a large variation in switching parameters, which is a big problem for memory applications but a great advantage for random number generation. Electron transport in this Pt/HfO2/TiN memristor, which is explained by a trapping/detrapping mechanism, is mainly attributed to the trap-assisted tunneling process. The cell shows threshold switching behavior under a low compliance current because the total number of injected electrons is limited. The trap-assisted tunneling mechanism depends on temperature and on the distance between traps intrinsically present in the oxide layer, resulting in stochastic delay and relaxation times. A true random number generator based on this Pt/HfO2/TiN memristor is proposed, in which the memristor is used as the seed provider and plays the role of the entropy source. Its stochastic physical characteristics are fully used by transforming the feedback function of a Linear Feedback Shift Register in the new circuit. A 4-stage LFSR structure is used and restructured to obtain a more complex RNG circuit that resists attack. The output from the 4-stage LFSR was collected and digitized using MATLAB code. The binary output bits were run through the NIST randomness tests. The data collected from the proposed TRNG passed all 15 National Institute of Standards and Technology randomness tests, indicating that the Pt/HfO2/TiN memristor would be a perfect candidate for hardware security applications. Contents: Chapter 1. Introduction (1.1 Overview). Chapter 2. Investigation of switching behavior of Pt/HfO2/TiN memristor using trap-assisted-tunneling mechanism (2.1 Introduction; 2.2 Experimental Fabrication; 2.3 Switching Mechanism; 2.4 Experimental Verification and Results; 2.5 Summary). Chapter 3. Random Number Generator (3.1 Introduction; 3.2 Pseudo-Random Number Generator; 3.3 D Flip-Flop; 3.4 Linear Feedback Shift Register; 3.5 Non-linear Feedback Solutions for LFSR; 3.6 True Random Number Generator; 3.7 Summary). Chapter 4. TRNG using Pt/HfO2/TiN memristor (4.1 Introduction; 4.2 Design and Simulation; 4.3 Experimental Procedure; 4.4 NIST Randomness Test; 4.5 Results and Analysis; 4.6 Summary). Chapter 5. Conclusion (5.1 Summary). Bibliography. Abstract in Korean. Maste

    Practical Detection of Entropy Loss in Pseudo-Random Number Generators : Extended Version

    Pseudo-random number generators (PRNGs) are a critical infrastructure for cryptography and security of many computer applications. At the same time, PRNGs are surprisingly difficult to design, implement, and debug. This paper presents the first static analysis technique specifically for quality assurance of cryptographic PRNG implementations. The analysis targets a particular kind of implementation defect, the entropy loss. Entropy loss occurs when the entropy contained in the PRNG seed is not utilized to the full extent for generating the pseudo-random output stream. The Debian OpenSSL disaster, probably the most prominent PRNG-related security incident, was one but not the only manifestation of such a defect. Together with the static analysis technique, we present its implementation, a tool named Entroposcope. The tool offers a high degree of automation and practicality. We have applied the tool to five real-world PRNGs of different designs and show that it effectively detects both known and previously unknown instances of entropy loss.

    Design and development of a secure group communication system

    Because of the growing rise of information technologies and, consequently, of sensitivity regarding user privacy, Internet communication and messaging systems have become a highly relevant topic today. The project will consist of the design and development of an application or system that offers a communication or messaging service securely, addressing the concepts of information integrity, privacy and authenticity, software engineering, service integration and scalability.

    The Linux Pseudorandom Number Generator Revisited

    No full text
    Deposited on the Cryptology ePrint Archive (http://eprint.iacr.org/). The Linux pseudorandom number generator (PRNG) is a PRNG with entropy inputs which is widely used in many security related applications and protocols. This PRNG is written as an open source code which is subject to regular changes. It was last analyzed in the work of Gutterman et al. in 2006 [GPR06] but since then no new analysis has been made available, while in the meantime several changes have been applied to the code, among others, to counter the attacks presented in [GPR06]. Our work describes the Linux PRNG of kernel versions 2.6.30.7 and upwards. We detail the PRNG architecture in the Linux system and provide its first accurate mathematical description and a precise analysis of the building blocks, including entropy estimation and extraction. Subsequently, we give a security analysis including the feasibility of cryptographic attacks and an empirical test of the entropy estimator. Finally, we underline some important changes to the previous versions and their consequences.