Skip to main content

BoolTest: The Fast Randomness Testing Strategy Based on Boolean Functions with Application to DES, 3-DES, MD5, MD6 and SHA-256

Part of the Communications in Computer and Information Science book series (CCIS,volume 990)

Abstract

The output of modern cryptographic primitives like pseudorandom generators and block or stream ciphers is frequently required to be indistinguishable from a truly random data. The existence of any distinguisher provides a hint about the insufficient confusion and diffusion property of an analyzed function. In addition to targeted cryptoanalysis, statistical tests included in batteries such as NIST STS, Dieharder or TestU01 are frequently used to assess the indistinguishability property. However, the tests included in these batteries are either too simple to spot the common biases (like the Monobit test) or overly complex (like the Fourier Transform test) requiring an extensive amount of data. We propose a simple, yet surprisingly powerful method called BoolTest for the construction of distinguishers based on an exhaustive search for boolean function(s). The BoolTest typically constructs distinguisher with fewer input data required and directly identifies the function’s biased output bits. We analyze the performance on four input generation strategies: counter-based, low hamming weight, plaintext-ciphertext block combination and bit-flips to test strict avalanche criterion. The BoolTest detects bias and thus constructs distinguisher in a significantly higher number of rounds in the round-reduced versions of DES, 3-DES, MD5, MD6 and SHA-256 functions than the state-of-the-art batteries. Finally, we provide a precise interpretation of BoolTest verdict (provided in the form of Z-score) about the confidence of a distinguisher found. The BoolTest clear interpretation is a significant advantage over standard batteries consisting of multiple tests, where not only a statistical significance of a single test but also aggregated decision over multiple, potentially correlated tests, needs to be correctly performed.

Keywords

  • Statistical randomness testing
  • Hypothesis testing
  • Boolean function

The BoolTest implementation and paper supplementary material can be found at https://crocs.fi.muni.cz/papers/booltest2018.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-11039-0_7
  • Chapter length: 27 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   79.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-11039-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   99.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.
Fig. 7.
Fig. 8.

Notes

  1. 1.

    This is extended version of the paper ‘The Efficient Randomness Testing using Boolean Functions’ [1, SeCrypt].

  2. 2.

    In most cases distribution D(x) is given.

  3. 3.

    \(f_1\), \(f_2\), \(f_3\), \(f_4\), \(f_5\), \(f_6\) are particular boolean functions.

References

  1. Sýs, M., Klinec, D., Švenda, P.: The efficient randomness testing using boolean functions. In: 14th International Conference on Security and Cryptography (Secrypt 2017). SCITEPRESS, pp. 92–103 (2017)

    Google Scholar 

  2. Simion, E.: The relevance of statistical tests in cryptography. IEEE Secur. Priv. 13, 66–70 (2015)

    CrossRef  Google Scholar 

  3. Sýs, M., Klinec, D.: Booltest - a tool for fast randomness testing (2017). http://crocs.fi.muni.cz/papers/secrypt2017

  4. Rukhin, A.: A statistical test suite for the validation of random number generators and pseudo random number generators for cryptographic applications, version STS-2.1, NIST (2010)

    Google Scholar 

  5. Press, W.H., Teukolsky, S.A., Vetterling, W.T., Flannery, B.P.: Numerical Recipes 3rd Edition: The Art of Scientific Computing. Cambridge University Press, New York (2007)

    MATH  Google Scholar 

  6. Sheskin, D.J.: Handbook of Parametric and Nonparametric Statistical Procedures. CRC Press, Boca Raton (2003)

    CrossRef  Google Scholar 

  7. Svenda, P., et al.: The million-key question - investigating the origins of RSA public keys. In: The 25th USENIX Security Symposium (UsenixSec 2016), USENIX, pp. 893–910 (2016)

    Google Scholar 

  8. Wackerly, D.D., Mendenhall III, W., Scheaffer, R.L.: Mathematical statistics with applications, Duxbury Advanced Series (2002)

    Google Scholar 

  9. Chevillard, S.: The functions ERF and ERFC computed with arbitrary precision and explicit error bounds. In: Academic Press Inc, Information and Computation, vol. 216. Academic Press, Inc., pp. 72–95 (2012)

    Google Scholar 

  10. Brown, R.G., Eddelbuettel, D., Bauer, D.: Dieharder: a random number test suite 3.31.1 (2013). http://www.phy.duke.edu/~rgb/General/dieharder.php

  11. Marsaglia, G.: Diehard: a battery of tests of randomness (1995). https://web.archive.org/web/20040810115625/http://stat.fsu.edu/~geo/diehard.html

  12. L’Ecuyer, P., Simard, R.: TestU01: a C library for empirical testing of random number generators. ACM Trans. Math. Softw. 33, 22 (2007)

    MathSciNet  CrossRef  Google Scholar 

  13. NIST: FIPS 140–2 security requirements for cryptographic modules, NIST (2001)

    Google Scholar 

  14. Knuth, D.E.: The Art of Computer Programming, vol. 2, 1st edn. Addison-Wesley Longman Publishing Co., Inc., Boston (1969)

    MATH  Google Scholar 

  15. Caelli, W., et al.: Crypt-X suite (1998). https://web.archive.org/web/19990224063612/http://www.isrc.qut.edu.au/cryptx/index.html

  16. Doty-Humphrey, C.: Practically random: Specific tests in practrand (2014). http://pracrand.sourceforge.net/

  17. Piras, C.: RaBiGeTe documentation (2004). http://cristianopi.altervista.org/RaBiGeTe_MT/

  18. Kaminsky, A., Sorrell, J.: Cryptostat: A Bayesian Statistical Testing Framework for Block Ciphers and Macs. Rochester Institute of Technology, Rochester (2013)

    Google Scholar 

  19. Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 227–250. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04852-9_12

    CrossRef  MATH  Google Scholar 

  20. Walker, J.: ENT: a pseudorandom number sequence test program (2008). https://www.fourmilab.ch/random/

  21. Mascagni, M., Srinivasan, A.: Algorithm 806: Sprng: a scalable library for pseudorandom number generation. ACM Trans. Math. Softw. (TOMS) 26, 436–461 (2000)

    CrossRef  Google Scholar 

  22. Jones, G.: gjrand random numbers (2007). http://gjrand.sourceforge.net/

  23. Schindler, W., Killmann, W.: Evaluation criteria for true (Physical) random number generators used in cryptographic applications. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 431–449. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_31

    CrossRef  MATH  Google Scholar 

  24. Heys, H.M.: A tutorial on linear and differential cryptanalysis. Cryptologia 26, 189–221 (2002). Bristol, PA, USA, Taylor & Francis, Inc

    CrossRef  Google Scholar 

  25. Bard, G.V.: Algebraic Cryptanalysis. Springer Publishing Company, Boston (2009). https://doi.org/10.1007/978-0-387-88757-9. ISBN 978-0-387-88756-2

    CrossRef  MATH  Google Scholar 

  26. Mouha, N.: Ecrypt II: tools for cryptography (2010). http://www.ecrypt.eu.org/tools/overview

  27. Filiol, E.: A new statistical testing for symmetric ciphers and hash functions. In: Deng, R., Bao, F., Zhou, J., Qing, S. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 342–353. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36159-6_29

    CrossRef  MATH  Google Scholar 

  28. Englund, H., Johansson, T., Sönmez Turan, M.: A framework for chosen IV statistical analysis of stream ciphers. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 268–281. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77026-8_20

    CrossRef  Google Scholar 

  29. Stankovski, P.: Greedy distinguishers and nonrandomness detectors. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 210–226. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17401-8_16

    CrossRef  Google Scholar 

  30. Kaminsky, A., Sorrell, J.: Cryptostat, a bayesian statistical testing framework for block ciphers and MACS (2014). http://www.cs.rit.edu/~ark/students/jls6190/report.pdf

  31. Hernández, J., Isasi, P.: Finding efficient distinguishers for cryptographic mappings, with an application to the block cipher TEA. In: Computational Intelligence, vol. 20, pp. 517–525, Blackwell (2004)

    Google Scholar 

  32. Garrett, A., Hamilton, J., Dozier, G.: A comparison of genetic algorithm techniques for the cryptanalysis of TEA. Int. J. Intell. Control Syst. 12, 325–330 (2007). Springer

    Google Scholar 

  33. EACirc: EACirc project (2017). https://github.com/CRoCS_MUNI/EACirc

  34. Sýs, M., Švenda, P., Ukrop, M., Matyáš, V.: Constructing empirical tests of randomness. In: SECRYPT 2014, ICETE (2014)

    Google Scholar 

Download references

Acknowledgements

We acknowledge the support of the Czech Science Foundation, project GA16-08565S. Computational resources were provided by the CESNET LM2015042 and the CERIT Scientific Cloud LM2015085, provided under the programme “Projects of Large Research, Development, and Innovations Infrastructures”.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Petr Švenda .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Sýs, M., Klinec, D., Kubíček, K., Švenda, P. (2019). BoolTest: The Fast Randomness Testing Strategy Based on Boolean Functions with Application to DES, 3-DES, MD5, MD6 and SHA-256. In: Obaidat, M., Cabello, E. (eds) E-Business and Telecommunications. ICETE 2017. Communications in Computer and Information Science, vol 990. Springer, Cham. https://doi.org/10.1007/978-3-030-11039-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-11039-0_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-11038-3

  • Online ISBN: 978-3-030-11039-0

  • eBook Packages: Computer ScienceComputer Science (R0)