Analysis of the Statistical Independence of the NIST SP 800-22 Randomness Tests

Trabajo de Fin de Grado en Ingeniería Informática, Facultad de Informática UCM, Departamento de Ingeniería del Software e Inteligencia Artificial, Curso 2020/2021.Uno de los aspectos críticos de la comunicación encriptada consiste en la buena generación de números aleatorios, tanto para usarlos directamente como cifrado como para poder inicializar otros métodos de encriptación. No obstante, medir un concepto como la aleatoriedad no es una tarea sencilla. Para tratar de solucionar este problema, se usa la inferencia estadística. Mediante test de hipótesis, se trata de buscar debilidades en una secuencia, que permitan rechazar la hipótesis de que esa secuencia es aleatoria. Para que estos test nos aporten información real sobre la secuencia, deben ser independientes entre sí. Hemos realizado un experimento con una gran cantidad de datos para determinar si la batería de test de aleatoriedad más ampliamente utilizada, la NIST SP 800-22, realmente cumple, tal como dice cumplir, con la independencia de sus test. Hemos analizado los datos para ver qué test aportan más información, y cuáles pueden ser redundantes. Además,hemos puesto a prueba otros tipos de debilidades en la batería.One of the most critical aspects of encrypted communications consists on properly generating random numbers, either for straight use as a cipher or else to initialise other encryption algorithms. Nonetheless, assessing randomness is no easy task. In order to tackle this problem, statistical inference is used. Vulnerabilities of randomness are sought in sequences by means of hypothesis tests, through which the hypothesis that the sequence is random can be rejected. For these tests to yield real information on the sequence, the tests cannot be redundant, and should be independent. We have carried out an experiment with a big amount of data in order to assess whether the most widely used randomness tests battery, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-22, really has independent tests, as the organisation claims to have. We have analysed the data to determine which tests offer more information, and which are redundant. Besides, we have tested for other flaws in the battery.Depto. de Ingeniería de Software e Inteligencia Artificial (ISIA)Fac. de InformáticaTRUEunpu

StringENT test suite: ENT battery revisited for efficient P value computation

Random numbers play a key role in a wide variety of applications, ranging from mathematical simulation to cryptography. Generating random or pseudo-random numbers is not an easy task, especially when hardware, time and energy constraints are considered. In order to assess whether generators behave in a random fashion, there are several statistical test batteries. ENT is one of the simplest and most popular, at least in part due to its efficacy and speed. Nonetheless, only one of the tests of this suite provides a p value, which is the most useful and standard way to determine whether the randomness hypothesis holds, for a certain significance level. As a consequence of this, rather arbitrary and at times misleading bounds are set in order to decide which intervals are acceptable for its results. This paper introduces an extension of the battery, named StringENT, which, while sticking to the fast speed that makes ENT popular and useful, still succeeds in providing p values with which sound decisions can be made about the randomness of a sequence. It also highlights a flagrant randomness flaw that the classical ENT battery is not capable of detecting but the new StringENT notices, and introduces two additional tests.Depto. de Estadística e Investigación OperativaFac. de Ciencias MatemáticasTRUEpu

Weaknesses in ENT Battery Design

Randomness testing is a key tool to analyse the quality of true (physical) random and pseudo-random number generators. There is a wide variety of tests that are designed for this purpose, i.e., to analyse the goodness of the sequences used. These tests are grouped in different sets called suites or batteries. The batteries must be designed in such a way that the tests that form them are independent, that they have a wide coverage, and that they are computationally efficient. One such battery is the well-known ENT battery, which provides four measures and the value of a statistic (corresponding to the chi-square goodness-of-fit test). In this paper, we will show that this battery presents some vulnerabilities and, therefore, must be redefined to solve the detected problems

StringENT test suite: ENT battery revisited for efficient P value computation

Random numbers play a key role in a wide variety of applications, ranging from mathematical simulation to cryptography. Generating random or pseudo-random numbers is not an easy task, especially when hardware, time and energy constraints are considered. In order to assess whether generators behave in a random fashion, there are several statistical test batteries. ENT is one of the simplest and most popular, at least in part due to its efficacy and speed. Nonetheless, only one of the tests of this suite provides a p value, which is the most useful and standard way to determine whether the randomness hypothesis holds, for a certain significance level. As a consequence of this, rather arbitrary and at times misleading bounds are set in order to decide which intervals are acceptable for its results. This paper introduces an extension of the battery, named StringENT, which, while sticking to the fast speed that makes ENT popular and useful, still succeeds in providing p values with which sound decisions can be made about the randomness of a sequence. It also highlights a flagrant randomness flaw that the classical ENT battery is not capable of detecting but the new StringENT notices, and introduces two additional tests