Advertisement

BoolTest: The Fast Randomness Testing Strategy Based on Boolean Functions with Application to DES, 3-DES, MD5, MD6 and SHA-256

  • Marek Sýs
  • Dušan Klinec
  • Karel Kubíček
  • Petr ŠvendaEmail author
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 990)

Abstract

The output of modern cryptographic primitives like pseudorandom generators and block or stream ciphers is frequently required to be indistinguishable from a truly random data. The existence of any distinguisher provides a hint about the insufficient confusion and diffusion property of an analyzed function. In addition to targeted cryptoanalysis, statistical tests included in batteries such as NIST STS, Dieharder or TestU01 are frequently used to assess the indistinguishability property. However, the tests included in these batteries are either too simple to spot the common biases (like the Monobit test) or overly complex (like the Fourier Transform test) requiring an extensive amount of data. We propose a simple, yet surprisingly powerful method called BoolTest for the construction of distinguishers based on an exhaustive search for boolean function(s). The BoolTest typically constructs distinguisher with fewer input data required and directly identifies the function’s biased output bits. We analyze the performance on four input generation strategies: counter-based, low hamming weight, plaintext-ciphertext block combination and bit-flips to test strict avalanche criterion. The BoolTest detects bias and thus constructs distinguisher in a significantly higher number of rounds in the round-reduced versions of DES, 3-DES, MD5, MD6 and SHA-256 functions than the state-of-the-art batteries. Finally, we provide a precise interpretation of BoolTest verdict (provided in the form of Z-score) about the confidence of a distinguisher found. The BoolTest clear interpretation is a significant advantage over standard batteries consisting of multiple tests, where not only a statistical significance of a single test but also aggregated decision over multiple, potentially correlated tests, needs to be correctly performed.

Keywords

Statistical randomness testing Hypothesis testing Boolean function 

Notes

Acknowledgements

We acknowledge the support of the Czech Science Foundation, project GA16-08565S. Computational resources were provided by the CESNET LM2015042 and the CERIT Scientific Cloud LM2015085, provided under the programme “Projects of Large Research, Development, and Innovations Infrastructures”.

References

  1. 1.
    Sýs, M., Klinec, D., Švenda, P.: The efficient randomness testing using boolean functions. In: 14th International Conference on Security and Cryptography (Secrypt 2017). SCITEPRESS, pp. 92–103 (2017)Google Scholar
  2. 2.
    Simion, E.: The relevance of statistical tests in cryptography. IEEE Secur. Priv. 13, 66–70 (2015)CrossRefGoogle Scholar
  3. 3.
    Sýs, M., Klinec, D.: Booltest - a tool for fast randomness testing (2017). http://crocs.fi.muni.cz/papers/secrypt2017
  4. 4.
    Rukhin, A.: A statistical test suite for the validation of random number generators and pseudo random number generators for cryptographic applications, version STS-2.1, NIST (2010)Google Scholar
  5. 5.
    Press, W.H., Teukolsky, S.A., Vetterling, W.T., Flannery, B.P.: Numerical Recipes 3rd Edition: The Art of Scientific Computing. Cambridge University Press, New York (2007)zbMATHGoogle Scholar
  6. 6.
    Sheskin, D.J.: Handbook of Parametric and Nonparametric Statistical Procedures. CRC Press, Boca Raton (2003)CrossRefGoogle Scholar
  7. 7.
    Svenda, P., et al.: The million-key question - investigating the origins of RSA public keys. In: The 25th USENIX Security Symposium (UsenixSec 2016), USENIX, pp. 893–910 (2016)Google Scholar
  8. 8.
    Wackerly, D.D., Mendenhall III, W., Scheaffer, R.L.: Mathematical statistics with applications, Duxbury Advanced Series (2002)Google Scholar
  9. 9.
    Chevillard, S.: The functions ERF and ERFC computed with arbitrary precision and explicit error bounds. In: Academic Press Inc, Information and Computation, vol. 216. Academic Press, Inc., pp. 72–95 (2012)Google Scholar
  10. 10.
    Brown, R.G., Eddelbuettel, D., Bauer, D.: Dieharder: a random number test suite 3.31.1 (2013). http://www.phy.duke.edu/~rgb/General/dieharder.php
  11. 11.
    Marsaglia, G.: Diehard: a battery of tests of randomness (1995). https://web.archive.org/web/20040810115625/http://stat.fsu.edu/~geo/diehard.html
  12. 12.
    L’Ecuyer, P., Simard, R.: TestU01: a C library for empirical testing of random number generators. ACM Trans. Math. Softw. 33, 22 (2007)MathSciNetCrossRefGoogle Scholar
  13. 13.
    NIST: FIPS 140–2 security requirements for cryptographic modules, NIST (2001)Google Scholar
  14. 14.
    Knuth, D.E.: The Art of Computer Programming, vol. 2, 1st edn. Addison-Wesley Longman Publishing Co., Inc., Boston (1969)zbMATHGoogle Scholar
  15. 15.
  16. 16.
    Doty-Humphrey, C.: Practically random: Specific tests in practrand (2014). http://pracrand.sourceforge.net/
  17. 17.
    Piras, C.: RaBiGeTe documentation (2004). http://cristianopi.altervista.org/RaBiGeTe_MT/
  18. 18.
    Kaminsky, A., Sorrell, J.: Cryptostat: A Bayesian Statistical Testing Framework for Block Ciphers and Macs. Rochester Institute of Technology, Rochester (2013)Google Scholar
  19. 19.
    Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 227–250. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-04852-9_12CrossRefzbMATHGoogle Scholar
  20. 20.
    Walker, J.: ENT: a pseudorandom number sequence test program (2008). https://www.fourmilab.ch/random/
  21. 21.
    Mascagni, M., Srinivasan, A.: Algorithm 806: Sprng: a scalable library for pseudorandom number generation. ACM Trans. Math. Softw. (TOMS) 26, 436–461 (2000)CrossRefGoogle Scholar
  22. 22.
    Jones, G.: gjrand random numbers (2007). http://gjrand.sourceforge.net/
  23. 23.
    Schindler, W., Killmann, W.: Evaluation criteria for true (Physical) random number generators used in cryptographic applications. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 431–449. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-36400-5_31CrossRefzbMATHGoogle Scholar
  24. 24.
    Heys, H.M.: A tutorial on linear and differential cryptanalysis. Cryptologia 26, 189–221 (2002). Bristol, PA, USA, Taylor & Francis, IncCrossRefGoogle Scholar
  25. 25.
    Bard, G.V.: Algebraic Cryptanalysis. Springer Publishing Company, Boston (2009).  https://doi.org/10.1007/978-0-387-88757-9. ISBN 978-0-387-88756-2CrossRefzbMATHGoogle Scholar
  26. 26.
    Mouha, N.: Ecrypt II: tools for cryptography (2010). http://www.ecrypt.eu.org/tools/overview
  27. 27.
    Filiol, E.: A new statistical testing for symmetric ciphers and hash functions. In: Deng, R., Bao, F., Zhou, J., Qing, S. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 342–353. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-36159-6_29CrossRefzbMATHGoogle Scholar
  28. 28.
    Englund, H., Johansson, T., Sönmez Turan, M.: A framework for chosen IV statistical analysis of stream ciphers. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 268–281. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-77026-8_20CrossRefGoogle Scholar
  29. 29.
    Stankovski, P.: Greedy distinguishers and nonrandomness detectors. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 210–226. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-17401-8_16CrossRefGoogle Scholar
  30. 30.
    Kaminsky, A., Sorrell, J.: Cryptostat, a bayesian statistical testing framework for block ciphers and MACS (2014). http://www.cs.rit.edu/~ark/students/jls6190/report.pdf
  31. 31.
    Hernández, J., Isasi, P.: Finding efficient distinguishers for cryptographic mappings, with an application to the block cipher TEA. In: Computational Intelligence, vol. 20, pp. 517–525, Blackwell (2004)Google Scholar
  32. 32.
    Garrett, A., Hamilton, J., Dozier, G.: A comparison of genetic algorithm techniques for the cryptanalysis of TEA. Int. J. Intell. Control Syst. 12, 325–330 (2007). SpringerGoogle Scholar
  33. 33.
    EACirc: EACirc project (2017). https://github.com/CRoCS_MUNI/EACirc
  34. 34.
    Sýs, M., Švenda, P., Ukrop, M., Matyáš, V.: Constructing empirical tests of randomness. In: SECRYPT 2014, ICETE (2014)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Marek Sýs
    • 1
  • Dušan Klinec
    • 1
  • Karel Kubíček
    • 1
  • Petr Švenda
    • 1
    Email author
  1. 1.Masaryk UniversityBrnoCzech Republic

Personalised recommendations