1 / 18

___________ _____ ______ _ __ _____ _ _____

___________ _____ ______ _ __ _____ _ _____. Random Numbers. many uses of random numbers in cryptography non e ces in authentication protocols to prevent replay session keys public key generation keystream for a one-time pad in all cases its critical that these values be

joelle-daugherty
Download Presentation

___________ _____ ______ _ __ _____ _ _____

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ___________ _____ _________ _____ ______

  2. Random Numbers • many uses of random numbers in cryptography • noneces in authentication protocols to prevent replay • session keys • public key generation • keystream for a one-time pad • in all cases its critical that these values be • statistically random, uniform distribution, independent • unpredictability of future values from previous values

  3. Pseudorandom Number Generators (PRNGs) • often use deterministic algorithmic techniques to create “random numbers” • although are not truly random • can pass many tests of “randomness” • known as “pseudorandom numbers” • created by “Pseudorandom Number Generators (PRNGs)”

  4. Structures of Random Number Generation

  5. Linear CongruentialGenerator • common iterative technique using: • given suitable values of parameters can produce a long random-like sequence • suitable criteria to have are: • function generates a full-period • generated sequence should appear random • efficient implementation with 32-bit arithmetic • note that an attacker can reconstruct sequence given a small number of values • have possibilities for making this harder

  6. Basic Theory of Linear Congruential Generator

  7. Sage Algorithm for Linear Congruential Generator def lcg_init(a,c,m,X0): return [a,c,m,X0] def lcg_generator(state); a = state[0] a = state[1] m = state[2] X = state[3] X_next = (a*X + c) % m state[3] = X_next return X_next

  8. Blum Blum Shub (BBS) Generator Choose two large prime numbers, i and q, both have a remainder of 4 when divided by 4. That is, Let n=pxq, Chose a random number s, which is prime to n. Run the algorithm with the initial value of s. • unpredictable, passes next-bit test • security rests on difficulty of factoring n • is unpredictable given any run of bits • slow, since very large numbers must be used • too slow for cipher use, good for key generation

  9. PRNG Structures Using A Block Cipher Counter and Output Feedback Modes

  10. PRNG Algorithms Using A Block Cipher 1) CTR Algorithm While (len (temp) < requested_number_of_bits) do V = (V+1) mod 2^128 output_block = E(Key,V) temp = (temp OR output_block) 1) OFB Algorithm While (len (temp) < requested_number_of_bits) do V = E(Key,V) temp = (temp OR V)

  11. Stream Ciphers • process message bit by bit (as a stream) • have a pseudo random keystream • combined (XOR) with plaintext bit by bit • randomness of stream key completely destroys statistically properties in message • Ci = Mi XOR StreamKeyi • but must never reuse stream key • otherwise can recover messages (cf book cipher)

  12. Stream Cipher Structure

  13. Stream Cipher Properties • some design considerations are: • long period with no repetitions • statistically random • depends on large enough key • large linear complexity • properly designed, can be as secure as a block cipher with same size key • but usually simpler & faster

  14. RC4 • a proprietary cipher owned by RSA DSI • another Ron Rivest design, simple but effective • variable key size, byte-oriented stream cipher • widely used in Secure Sockets Layer/Transport Layer Security (SSL/TLS), andin Wired Equivalent Privacy (WEP), WiFi Protected Access (WPA) protocols. • key forms random permutation of all 8-bit values • uses that permutation to scramble input info processed a byte at a time

  15. RC4 Key Schedule • starts with an array S of numbers: 0..255 • use key to well and truly shuffle • S forms internal state of the cipher for i = 0 to 255 do S[i] = i T[i] = K[i mod keylen]) j = 0 for i = 0 to 255 do j = (j + S[i] + T[i]) (mod 256) swap (S[i], S[j])

  16. RC4 Encryption/Decryption • encryption continues shuffling array values • sum of shuffled pair selects "stream key" value from permutation • XOR S[t] with next byte of message to encrypt/decrypt: i = j = 0 for each message byte Mi i = (i + 1) (mod 256) j = (j + S[i]) (mod 256) swap(S[i], S[j]) t = (S[i] + S[j]) (mod 256) Ci = Mi XOR S[t] // Decrypt Mi = Ci XOR S[t]

  17. RC4 Overview

  18. RC4 Security • claimed secure against known attacks • have some analyses, none practical • result is very non-linear • since RC4 is a stream cipher, must never reuse a key • have a concern with WEP, but due to key handling rather than RC4 itself

More Related