Abstract
We present a new statistical test (GGRTest) which is based on the generalized gambler’s ruin problem (with arbitrary winning/losing probabilities). The test is able to detect non-uniformity of the outputs generated by the pseudo-random bit generators (PRNGs).
We also propose a new method, called BitTracker, of processing bits of a PRNG. In most statistical test suites, bits are read in 31/32-bit groups. For many tests (e.g., OPERM) only the first few bits of the group are taken into account. Instead of “wasting” bits (in some statistical tests), the method takes into account every single bit of the PRNG’s output.
Authors were supported by Polish National Science Centre contract number DEC-2013/10/E/ST1/00359.
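As an added illustration (not the authors' GGRTest or BitTracker code), the sketch below plays gambler's ruin games driven by a bit stream and compares the observed win frequency with the exact win probability of a birth-death walk with state-dependent probabilities p[i] (up) and q[i] (down). The function names, the bit-by-bit interval narrowing used to pick each step, the z-score statistic and the skewed bit source are all assumptions made for this example.

```python
import math
import random

def win_probability(p, q, start, N):
    """P(reach N before 0 | start) when state i moves up w.p. p[i], down w.p. q[i]."""
    terms, prod = [], 1.0
    for n in range(1, N + 1):
        terms.append(prod)              # prod_{k=1}^{n-1} q[k]/p[k]
        if n < N:
            prod *= q[n] / p[n]
    return sum(terms[:start]) / sum(terms)

def step(bits, p_up, q_down):
    """Pick +1/-1/0 by narrowing [lo, hi) one bit at a time; stop once decided."""
    lo, hi = 0.0, 1.0
    while True:
        mid = (lo + hi) / 2
        lo, hi = (mid, hi) if next(bits) else (lo, mid)
        if hi <= p_up:
            return +1                   # U < p_up: win one unit
        if lo >= p_up and hi <= p_up + q_down:
            return -1                   # p_up <= U < p_up + q_down: lose one unit
        if lo >= p_up + q_down:
            return 0                    # remaining mass: stay in place

def play(bits, p, q, start, N):
    """Run one game; return True if the gambler reaches N before 0."""
    i = start
    while 0 < i < N:
        i += step(bits, p[i], q[i])
    return i == N

def z_score(bits, p, q, start, N, games):
    """Standardised gap between observed and exact win counts."""
    rho = win_probability(p, q, start, N)
    wins = sum(play(bits, p, q, start, N) for _ in range(games))
    return (wins - games * rho) / math.sqrt(games * rho * (1 - rho))

def bit_stream(seed, p_one=0.5):
    """Constructed bit source: Mersenne Twister bits, optionally skewed toward 1."""
    rng = random.Random(seed)
    while True:
        yield 1 if rng.random() < p_one else 0

if __name__ == "__main__":
    N, start = 20, 10
    p = q = [0.5] * N                   # index 0 is unused
    print(z_score(bit_stream(1), p, q, start, N, 2000))        # fair bits
    print(z_score(bit_stream(1, 0.52), p, q, start, N, 2000))  # 52% ones
```

A per-bit skew of 2% is hard to see in a single step, but the ruin probability compounds it over the length of a game, so the second z-score lands far outside the range expected for uniform bits.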
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Lorek, P., Słowik, M., Zagórski, F. (2017). Statistical Testing of PRNG: Generalized Gambler’s Ruin Problem. In: Blömer, J., Kotsireas, I., Kutsia, T., Simos, D. (eds) Mathematical Aspects of Computer and Information Sciences. MACIS 2017. Lecture Notes in Computer Science, vol 10693. Springer, Cham. https://doi.org/10.1007/978-3-319-72453-9_34
DOI: https://doi.org/10.1007/978-3-319-72453-9_34
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72452-2
Online ISBN: 978-3-319-72453-9
eBook Packages: Computer Science, Computer Science (R0)