Abstract
The aim of this paper is to present a new design for a pseudorandom number generator (PRNG) that is cryptographically secure, passes all of the usual statistical tests referenced in the literature and hence generates high-quality random sequences, that is compact and easy to implement in practice, of portable design and offering reasonable execution times. Our procedure achieves those objectives through the use of a sequence of modular exponentiations followed by the application of Feistel-like boxes that mix up bits using a nonlinear function. The results of extensive statistical tests on sequences of about \(2^{40}\) bits in size generated by our algorithm are also presented.
References
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, New York (1996)
Stipcevic, M., Koc, C.K.: True Random Number Generators. In: Koc, C. (ed.) Open Problems in Mathematics and Computational Science. Springer, Cham (2014)
Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., Heckert, N., Dray, J., Vo, S., Bassham, L.: A statistical test suite for random and pseudorandom number generators for cryptographic applications. NIST (2010). https://doi.org/10.6028/NIST.SP.800-22r1a. Accessed 12 July 2022
L’Ecuyer, P., Simard, R.: TestU01: A C library for empirical testing of random number generators. ACM Trans. Math. Software. Vol 33, article 22 (2007). (Software available at http://www-labs.iro.umontreal.ca/~simul/testu01/tu01.html)
Practically Random. https://sourceforge.net/projects/pracrand/. Accessed 12 July 2022
RaBiGeTe. http://cristianopi.altervista.org/RaBiGeTe_MT/. Accessed 12 July 2022
Diehard. https://web.archive.org/web/20160125103112/http:/stat.fsu.edu/pub/diehard/. Accessed 12 July 2022
Dieharder. https://webhome.phy.duke.edu/~rgb/General/dieharder.php. Accessed 12 July 2022
Chaitin, G.: Exploring Randomness. Springer-Verlag, London (2001)
Chaitin, G.: Randomness and mathematical proof. Sci. Am. 232(5), 47–52 (1975)
Matsumoto, M., Nishimura, T.: Mersenne twister: a 623-dimensionally equidistributed uniform pseudo-random number generator. ACM Trans. Model. Comput. Simul. 8(1), 3–30 (1998)
Beale, P.D.: A new class of scalable parallel pseudorandom number generators based on Pohlig-Hellman exponentiation ciphers. arXiv. https://arxiv.org/abs/1411.2484 (2014). Accessed 12 December 2019
O’Neill, M.: PCG: A family of simple fast space-efficient statistically good algorithms for random number generation. Harvey Mudd College. https://www.cs.hmc.edu/tr/hmc-cs-2014-0905.pdf (2014). Accessed 2 December 2019
Odlyzko, A.M.: Discrete logarithms in finite fields and their cryptographic significance. EUROCRYPT, pp. 224–314 (1984)
Pollard, J.M.: A Monte Carlo method for factorization. BIT Numer. Math. 15(3), 331–334 (1975)
Pohlig, S., Hellman, M.: An improved algorithm for computing logarithms over \(GF(p)\) and its cryptographic significance. IEEE Trans. Inf. Theory 24, 106–110 (1978)
Adleman, L.: A subexponential algorithm for the discrete logarithm problem with applications to cryptography. In: 20th annual symposium on foundations of computer science (1979)
Gennaro, R.: An improved pseudo-random generator based on discrete log. In: Annual international cryptology conference. Springer, Berlin, Heidelberg, (2000)
Boneh, D., Shoup, V.: A Graduate Course in Applied Cryptography, (Draft), http://toc.cryptobook.us/ (2020). Accessed 1 February (2022)
Chattopadhyay, E., Zuckerman, D.: Explicit two-source extractors and resilient functions. Ann. Math. 189(3), 653–705 (2019)
Blum, M., Micali, S.: How to generate cryptographically strong sequences of pseudorandom bits. SIAM J. Comput. 13(4), 850–864 (1984)
Patel, S., Sundaram, G.S.: An Efficient Discrete Log Pseudo Random Generator. CRYPTO 1998. Lecture Notes in Computer Science, vol. 1462. Springer, Berlin, Heidelberg (1998)
Verkhovsky, B.: Deterministic algorithm computing all generators: application in cryptographic systems design. Int. J. Commun. Network Syst. Sci. pp. 715–719 (2012)
Ireland, K., Rosen, M.: A Classical Introduction to Modern Number Theory. Springer, Cham (1982)
Shoup, V.: A Computational Introduction to Number Theory and Algebra. Cambridge University Press, Cambridge (2005)
Pareschi, F., Rovatti, R., Setti, G.: Second-level NIST randomness tests for improving test reliability. ISCAS-IEEE, pp. 1437–1440 (2007)
L’Ecuyer, P.: Testing random number generators. In: Proceedings of the 24th conference on winter simulation. WSC’92, ACM, New York, USA, pp. 305–313 (1992)
Murdoch, D., Tsay, Y.-L., Adcock, J.: P-values are random variables. Am. Stat. 62(3), 242–245 (2008)
Ekdahl, P., Johansson, T., Maximov, A., Yang, J.: A new SNOW stream cipher called SNOW-V. IACR Trans. Sym. Cryptol. 2019(3), 1–42 (2019)
Jiao, L., Li, Y., Hao, Y.: A guess-and-determine attack on SNOW-V stream cipher. Comput. J. 63(12), 1789–1812 (2020)
Bach, E., Shallit, J.: Algorithmic Number Theory. Volume 1: Efficient Algorithms. The MIT Press (1996)
The authors wish to thank Forctis AG for providing funding to this project.
Appendix
The reduction is the procedure outlined below.
(1) \(x_0 \leftarrow x \cdot t\).
(2) Let \(x_1 = g^{tx}\) be the output of the generator for the seed \(x_0\) (note that the first bit of \(x_0\) is 0 and that \(x_0 \ \mathrm{div}\ t = x\)).
(3) \(x_2 \leftarrow x_1\). Repeat the following \(l\) times:
  (a) Let \(w_1, w_2\) be the square roots of \(x_2\) in \(\mathbb{Z}_p\).
  (b) \(x_2 \leftarrow \begin{cases} w_1 & \text{if } w_1 \text{ is a square in } \mathbb{Z}_p \\ w_2 & \text{otherwise} \end{cases}\)
(4) Return \(x_2\).
All the operations involved above are polynomially bounded, since p is not just a prime but a strong prime, so \(p \equiv 3 \mod 4\); hence the square roots of an element in \(\mathbb{Z}_p\), if they exist, are easy to find, and there are exactly two of them (see [31], Corollary 7.1.2). Finally, for the same reason, at most one of the two roots is itself a square in \(\mathbb{Z}_p\), because \(-1\) is a quadratic nonresidue of p (see [31], Theorem 5.8.1).
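As an added worked example (not code from the paper), the following Python carries steps (1) to (4) of the reduction through for a toy strong prime, using the \(p \equiv 3 \mod 4\) root formula and Euler's criterion to pick the root that is itself a square. The values p, g, x, t and l are constructed here, and the generator output in step (2) is taken literally as \(g^{tx} \bmod p\), as the appendix states.

```python
# Added worked example (not code from the paper): the root-selection loop of
# the appendix reduction over Z_p for a strong prime p with p = 3 (mod 4).
# All parameters used below (p, g, x, t, l) are small toy values constructed here.

def is_square(a: int, p: int) -> bool:
    """Euler's criterion: a nonzero a is a quadratic residue mod p
    iff a^((p-1)/2) = 1 (mod p)."""
    return pow(a, (p - 1) // 2, p) == 1


def square_roots(a: int, p: int) -> tuple:
    """Step 3(a). For p = 3 (mod 4) and a square a, the two roots are
    w1 = a^((p+1)/4) and w2 = -w1 (mod p); no Tonelli-Shanks search is needed."""
    if p % 4 != 3 or not is_square(a, p):
        raise ValueError("p must be 3 mod 4 and a must be a square mod p")
    w1 = pow(a, (p + 1) // 4, p)
    return w1, (p - w1) % p


def take_square_root_l_times(x1: int, p: int, l: int) -> int:
    """Steps 3(a)-(b): l times replace x2 by whichever of its two roots is
    itself a square. Because -1 is a nonresidue when p = 3 (mod 4), exactly
    one of w1, w2 is a square, so the choice is always well defined."""
    x2 = x1
    for _ in range(l):
        w1, w2 = square_roots(x2, p)
        x2 = w1 if is_square(w1, p) else w2
    return x2


def reduction(x: int, t: int, p: int, g: int, l: int) -> int:
    """Steps (1)-(4). The generator output for seed x0 = x*t is taken to be
    the modular exponentiation g^(t*x) mod p, as the appendix states."""
    x0 = x * t                                  # step (1); x0 div t == x
    x1 = pow(g, x0, p)                          # step (2)
    return take_square_root_l_times(x1, p, l)   # steps (3)-(4)


def chain_is_consistent(x2: int, x1: int, p: int, l: int) -> bool:
    """Sanity check: the returned x2 is a 2^l-th root of x1 and is a square."""
    return pow(x2, 2 ** l, p) == x1 and is_square(x2, p)


if __name__ == "__main__":
    # Toy strong prime p = 2*11 + 1 = 23 (so p = 3 mod 4); g = 5 generates Z_23^*.
    p, g = 23, 5
    x, t, l = 3, 4, 2            # x0 = 12 is even, so g^x0 is a square mod p
    x1 = pow(g, x * t, p)
    out = reduction(x, t, p, g, l)
    print(out, chain_is_consistent(out, x1, p, l))   # prints: 13 True
```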
Cite this article
Di Mauro, J., Salazar, E. & Scolnik, H.D. Design and implementation of a novel cryptographically secure pseudorandom number generator. J Cryptogr Eng 12, 255–265 (2022). https://doi.org/10.1007/s13389-022-00297-8
Keywords
- Pseudorandom number generators
- Modular exponentiation
- Feistel structure
- Cryptography