Thursday, June 29, 2017

Cryptography: True Random Number Generator


Entropy Sources

•A true random number generator (TRNG) uses a non-deterministic source to produce randomness.

•Most operate by measuring unpredictable natural processes, such as pulse detectors of ionizing radiation events, gas discharge tubes, and leaky capacitors.

•Intel has developed a commercially available chip that samples thermal noise by amplifying the voltage measured across undriven resistors.

•LavaRnd is an open source project for creating truly random numbers using inexpensive cameras, open source code, and inexpensive hardware.

•The system uses a saturated CCD in a light-tight can as a chaotic source to produce the seed.

•Software processes the result into truly random numbers in a variety of formats.

RFC 4086 lists the following possible sources of randomness that, with care, can easily be used on a computer to generate truly random sequences.

•Sound/video input: Many computers are built with inputs that digitize some real-world analog source, such as sound from a microphone or video input from a camera.

–The “input” from a sound digitizer with no source plugged in or from a camera with the lens cap on is essentially thermal noise. If the system has enough gain to detect anything, such input can provide reasonably high-quality random bits.



•Disk drives: Disk drives have small random fluctuations in their rotational speed due to chaotic air turbulence. The addition of low-level disk seek time instrumentation produces a series of measurements that contain this randomness.

–Such data is usually highly correlated, so significant processing is needed. Nevertheless, experimentation a decade ago showed that, with such processing, even slow disk drives on the slower computers of that day could easily produce 100 bits a minute or more of excellent random data.

Stream Ciphers

•A typical stream cipher encrypts plaintext one byte at a time, although a stream cipher may be designed to operate on one bit at a time or on units larger than a byte at a time.

•Figure 7.5 is a representative diagram of stream cipher structure.

•In this structure, a key is an input to a pseudorandom bit generator that produces a stream of 8-bit numbers that are apparently random.

•The output of the generator, called a keystream, is combined one byte at a time with the plaintext stream using the bitwise exclusive-OR (XOR) operation.
•The stream cipher is similar to the one-time pad.
•The difference is that a one-time pad uses a genuine random number stream, whereas a stream cipher uses a pseudorandom number stream.

Following are important design considerations for a stream cipher.
1. The encryption sequence should have a large period. A pseudorandom number generator uses a function that produces a deterministic stream of bits that eventually repeats. The longer the period of repeat, the more difficult it will be to do cryptanalysis. This is essentially the same consideration that was discussed with reference to the Vigenère cipher, namely that the longer the keyword, the more difficult the cryptanalysis.

2. The keystream should approximate the properties of a true random number stream as closely as possible. For example, there should be an approximately equal number of 1s and 0s. If the keystream is treated as a stream of bytes, then all of the 256 possible byte values should appear approximately equally often. The more random-appearing the keystream is, the more randomized the ciphertext is, making cryptanalysis more difficult.

3. The output of the pseudorandom number generator is conditioned on the value of the input key. To guard against brute-force attacks, the key needs to be sufficiently long. The same considerations that apply to block ciphers are valid here. Thus, with current technology, a key length of at least 128 bits is desirable.
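
The design considerations above can be measured on a sample keystream. The following is an added example, not code from the original post: it builds the key, generator and XOR structure described earlier and checks period, bit balance and byte-value spread. The SHA-256 counter construction, the repeated-key generator, the sample key and all function names are assumptions chosen for illustration, not a vetted cipher.

```python
import hashlib
from collections import Counter

def keystream(key: bytes, n: int) -> bytes:
    """Keyed generator for illustration: SHA-256(key || counter) blocks.
    An assumption of this example, not a vetted stream cipher."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])

def weak_keystream(key: bytes, n: int) -> bytes:
    """Poor generator: the key repeated, so the period is len(key) (Vigenere-style)."""
    return bytes(key[i % len(key)] for i in range(n))

def xor_stream(data: bytes, ks: bytes) -> bytes:
    """Combine data and keystream byte by byte; the same call encrypts and decrypts."""
    if len(ks) < len(data):
        raise ValueError("keystream shorter than data")
    return bytes(d ^ k for d, k in zip(data, ks))

def ones_fraction(ks: bytes) -> float:
    """Design point 2: fraction of 1 bits, ideally close to 0.5."""
    return sum(bin(b).count("1") for b in ks) / (8 * len(ks))

def chi_square_bytes(ks: bytes) -> float:
    """Design point 2: chi-square against uniform byte values (near 255 if uniform)."""
    expected = len(ks) / 256
    counts = Counter(ks)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))

def short_period(ks: bytes):
    """Design point 1: smallest p <= len/2 with ks[i+p] == ks[i] for all i, else None."""
    for p in range(1, len(ks) // 2 + 1):
        if ks[p:] == ks[:-p]:
            return p
    return None

if __name__ == "__main__":
    key = b"constructed-key!"              # constructed 128-bit sample key
    msg = b"constructed sample plaintext"  # constructed sample input
    ct = xor_stream(msg, keystream(key, len(msg)))
    assert xor_stream(ct, keystream(key, len(msg))) == msg
    for name, gen in (("sha256-ctr", keystream), ("repeated-key", weak_keystream)):
        ks = gen(key, 65536)
        print(name, ones_fraction(ks), chi_square_bytes(ks), short_period(ks[:4096]))
```

The repeated-key generator reports a period of 16 bytes and a chi-square value in the tens of thousands, while the hash-based keystream shows no short period and a statistic near 255.
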
Stream Ciphers - Advantages
•With a properly designed pseudorandom number generator, a stream cipher can be as secure as a block cipher of comparable key length.
•A potential advantage of a stream cipher is that stream ciphers that do not use block ciphers as a building block are typically faster and use far less code than do block ciphers.

•For applications that require encryption/decryption of a stream of data, such as over a data communications channel or a browser/Web link, a stream cipher might be the better alternative.
•For applications that deal with blocks of data, such as file transfer, e-mail, and database, block ciphers may be more appropriate.
•However, either type of cipher can be used in virtually any application.
