Abstract
New dangerous attacks have arisen as digital data continues to evolve. Connecting devices, vehicles, and even our own bodies to the Internet has generated enormous amounts of data that need to be secured. New security solutions and ciphers are being proposed that take into consideration the limitations of the devices used in today’s technologies. However, different factors have to be taken into consideration to prove the reliability of any cipher. One of these criteria is the randomness of the ciphered output. Usually, randomness tests are used to prove the efficiency of Pseudo Random Number Generators (PRNGs), and they are not considered in the test suite for cryptographic algorithms. This paper proposes using the well-known tools Practrand (Doty-Humphrey 2010) and TestU01 (L’Ecuyer and Simard 2007) to test the randomness criteria for any new or old symmetric cipher. To show our cryptographic point of view, several well-known ciphers were tested with these tools. Some of them failed these tests and did not meet the desired security requirements or show sufficient statistical immunity. In fact, this paper shows that these ciphers do not generate enough randomness, making them vulnerable to different kinds of attacks, which reinforces our proposal.
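To make the idea of testing a cipher like a PRNG concrete, the following added example (not code from the paper) turns the TEA block cipher from the reference list into a byte stream that a test suite can read. Encrypting a 64-bit counter, the demo key and the function names are assumptions made here; the abstract does not say how the authors generated their streams.

```c
/* Added example: feed block-cipher output to a randomness test suite. */
#include <stdint.h>
#include <stdio.h>

/* TEA block encryption (Wheeler & Needham 1994): 64-bit block, 128-bit key. */
static void tea_encrypt(uint32_t v[2], const uint32_t k[4]) {
    uint32_t v0 = v[0], v1 = v[1], sum = 0;
    for (int i = 0; i < 32; i++) {
        sum += 0x9E3779B9u;
        v0 += ((v1 << 4) + k[0]) ^ (v1 + sum) ^ ((v1 >> 5) + k[1]);
        v1 += ((v0 << 4) + k[2]) ^ (v0 + sum) ^ ((v0 >> 5) + k[3]);
    }
    v[0] = v0; v[1] = v1;
}

/* Assumed construction: encrypt a 64-bit counter.
   encrypt = 0 returns the raw counter as a deliberately bad baseline. */
static uint64_t next_block(uint64_t ctr, const uint32_t k[4], int encrypt) {
    uint32_t v[2] = { (uint32_t)ctr, (uint32_t)(ctr >> 32) };
    if (encrypt) tea_encrypt(v, k);
    return ((uint64_t)v[1] << 32) | v[0];
}

/* Fraction of 1 bits over n blocks. This monobit check is only a sanity
   test; the batteries named in the abstract apply far stronger tests. */
double ones_fraction(uint64_t n, const uint32_t k[4], int encrypt) {
    uint64_t ones = 0;
    for (uint64_t c = 0; c < n; c++) {
        uint64_t b = next_block(c, k, encrypt);
        while (b) { ones += b & 1; b >>= 1; }
    }
    return (double)ones / (64.0 * (double)n);
}

/* Constructed demo key, not a value from the paper. */
static const uint32_t DEMO_KEY[4] = {0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u};

int main(void) {
    fprintf(stderr, "monobit: counter=%.4f tea-ctr=%.4f\n",
            ones_fraction(1u << 16, DEMO_KEY, 0), ones_fraction(1u << 16, DEMO_KEY, 1));
    for (uint64_t c = 0;; c++) {          /* stream until the reader closes the pipe */
        uint64_t b = next_block(c, DEMO_KEY, 1);
        if (fwrite(&b, sizeof b, 1, stdout) != 1) return 0;
    }
}
```

Piping the binary's standard output into PractRand's `RNG_test stdin64` runs the battery on the stream; a cipher that passes the monobit check printed on stderr can still fail there.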
References
Andem VR (2003) A cryptanalysis of the tiny encryption algorithm. Ph.D. thesis, University of Alabama
Aoki K, Ichikawa T, Kanda M, Matsui M, Moriai S, Nakajima J, Tokita T (2000) Camellia: a 128-bit block cipher suitable for multiple platforms—design and analysis. In: International workshop on selected areas in cryptography, pp. 39–56. Springer
Bernstein DJ (2008) Chacha, a variant of salsa20. In: Workshop record of SASC, vol. 8, pp. 3–5
Biryukov A, Perrin LP (2017) State of the art in lightweight symmetric cryptography
Boesgaard M, Vesterager M, Pedersen T, Christiansen J, Scavenius O (2003) Rabbit: a new high-performance stream cipher. In: International workshop on fast software encryption, pp. 307–329. Springer
Bogdanov A, Knudsen LR, Leander G, Paar C, Poschmann A, Robshaw MJ, Seurin Y, Vikkelsoe C (2007) Present: an ultra-lightweight block cipher. In: International workshop on cryptographic hardware and embedded systems, pp. 450–466. Springer
Coppersmith D (1994) The data encryption standard (des) and its strength against attacks. IBM journal of research and development 38(3):243–250
Doty-Humphrey C (2010) Practically random: C++ library of statistical tests for rngs. https://sourceforge.net/projects/pracrand
Fisher RA (1992) Statistical methods for research workers. In: Breakthroughs in statistics, pp. 66–70. Springer
Hatzivasilis G, Fysarakis K, Papaefstathiou I, Manifavas C (2018) A review of lightweight block ciphers. Journal of Cryptographic Engineering 8(2):141–184
Hong D, Sung J, Hong S, Lim J, Lee S, Koo BS, Lee C, Chang D, Lee J, Jeong K et al (2006) Hight: a new block cipher suitable for low-resource device. In: International workshop on cryptographic hardware and embedded systems, pp. 46–59. Springer
Karn P, Metzger P, Simpson W (1995) The esp triple des transform. Tech rep
Kaukonen K, Thayer R (1999) A stream cipher encryption algorithm “Arcfour”
Kendall MG, Smith BB (1938) Randomness and random sampling numbers. Journal of the royal Statistical Society 101(1):147–166
Koch W, Schulte M (2005) The libgcrypt reference manual. Free Software Foundation Inc, pp 1–47
Kwasnicki M (2018) Strong encryption for small payloads on Arduino. https://kwasi-ich.de/blog/2018/03/05/mcu_encryption/
Lai X, Massey JL (1990) A proposal for a new block encryption standard. In: Workshop on the theory and application of cryptographic techniques, pp. 389–404. Springer
L’Ecuyer P, Simard R (2007) TestU01: A C library for empirical testing of random number generators. ACM Trans Math Soft (TOMS) 33(4):22
Lemire D (2018) TestingRNG (2018). https://github.com/lemire/testingRNG
Manogaran G, Lopez D, Thota C, Abbas KM, Pyne S, Sundarasekar R (2017) Big data analytics in healthcare internet of things. In: Innovative healthcare systems for the 21st century, pp. 263–284. Springer
Marsaglia G (1998) Diehard test suite 8(01):2014. http://www.stat.fsu.edu/pub/diehard
Pearson K (1900) X. On the criterion that a given system of deviations from the probable in the case of a correlated system of variables is such that it can be reasonably supposed to have arisen from random sampling. The London, Edinburgh, and Dublin Philosophical Magazine and Journal of Science 50(302):157–175
Rogaway P (2004) Nonce-based symmetric encryption. In: International workshop on fast software encryption, pp. 348–358. Springer
Schneier B (1994) Fast software encryption cambridge security workshop proceedings
Schneier B (2007) Applied cryptography: protocols, algorithms, and source code in C. John Wiley & Sons
Schneier B, Kelsey J, Whiting D, Wagner D, Hall C, Ferguson N (1998) Twofish: a 128-bit block cipher. NIST AES Proposal 15:23
Steele GL Jr, Lea D, Flood CH (2014) Fast splittable pseudorandom number generators. In: ACM SIGPLAN Notices, vol. 49, pp. 453–472. ACM
wolfSSL User Manual: User Manual – Version 3.9.0, wolfSSL (2016) https://www.wolfssl.com/docs/wolfssl-manual/
Walker J (2008) Ent: a pseudorandom number sequence test program. Software and documentation available at www.fourmilab.ch/random/S
Wheeler DJ, Needham RM (1994) Tea, a tiny encryption algorithm. In: International workshop on fast software encryption, pp. 363–366. Springer
Wheeler DJ, Needham RM (1998) Correction to xtea. Unpublished manuscript, Computer Laboratory. Cambridge University, England
Wille C (2004) Storing passwords-done right last updated 1
Wu H (2008) The stream cipher hc-128. In: New stream cipher designs, pp. 39–47. Springer
Wu W, Zhang L (2011) Lblock: a lightweight block cipher. In: International conference on applied cryptography and network security, pp. 327–344. Springer
Yu Y, Yang Y, Fan Y, Min H (2006) Security scheme for rfid tag. Auto-ID Labs Fudan University, White Paper
Acknowledgments
This paper was partially supported by funds from the EIPHI Graduate School (contract “ANR-17-EURE-0002”). Simulations were conducted on the servers of the “Mésocentre de calcul de Franche-Comté”. We would like to thank them for accepting our request and for giving us access to their machines.
Cite this article
Sleem, L., Couturier, R. TestU01 and Practrand: Tools for a randomness evaluation for famous multimedia ciphers. Multimed Tools Appl 79, 24075–24088 (2020). https://doi.org/10.1007/s11042-020-09108-w
DOI: https://doi.org/10.1007/s11042-020-09108-w