1 / 28

Overview of this Presentation

Validation of Pseudo Random Numbers through Graphical Analysis Andrew Cronwright Supervisor: Barry Irwin. Overview of this Presentation. Randomness Defined PRNG’s Introduced Application of PRNG’s Focus of PRNG’s in this Project ISN’s Introduced Results Hardware RNG Conclusion.

rossa
Download Presentation

Overview of this Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Validation of Pseudo Random Numbers through Graphical AnalysisAndrew CronwrightSupervisor: Barry Irwin

  2. Overview of this Presentation • Randomness Defined • PRNG’s Introduced • Application of PRNG’s • Focus of PRNG’s in this Project • ISN’s Introduced • Results • Hardware RNG • Conclusion

  3. What is randomness? • A function or process not affected by any input or state • Independent of previous results • Example • Flipping an unbiased coin • Rolling die • Quantum effects

  4. PRNG’s • Mathematical function • Deterministic by nature • Simulates true randomness • Produces “random” like output • Used in many application

  5. Applications of PRNG’s • PRNG’s for different applications have different needs • Cryptography • TCP Initial Sequence Numbers • Physical Simulations • Games / Gambling (Lotto)

  6. Cryptography • Secret key must be random • If not random, can be easily guessed • Made random by collecting entropy

  7. Physical Simulations • Monte Carlo experiments require random numbers • Provided by PRNG

  8. Initial Sequence Numbers • On the creation of a TCP connection • A unique sequence number is used • Used to identify packets belonging to a specific connection.

  9. Initial Sequence Numbers, the problem • T, trusted host • C, client • X, nasty person • X can cause connections to be dropped • X can hijack connections and introduce malicious code

  10. Initial Sequence Numbers, the solution • RFC 793 proposed linear method for ISN • New standards introduced after security issues ISN = M + F(localhostIP + localport + remotehost + remoteportIP) or ISN = M + R(t) or ISN = R(t)

  11. The problem • Many computer systems need random numbers • Provided by a PRNG • PRNG’s can cause problems if not up to standard

  12. Random Event Validation • Will use graphical methods to identify randomness • Use the NIST test suite to support findings • Investigate Initial Sequence Numbers (ISNs) • Build hardware RNG

  13. A graphical view • Method of delayed coordinates plotted in a phase space • Convert 1-D to 3-D by: X[n] = s[n-2] – s[n-3] Y[n] = s[n-1] – s[n - 2] Z[n] = s[n] – s[n-1] • Higher dimensions are possible • Acts as a “comb”

  14. Example

  15. Lattice view X[n] = s[n] Y[n] = s[n-1] Z[n] = s[n-2] • This will highlight any lattice structure in the sequence

  16. Example

  17. Spherical view Θ[n] = 2 * PI * s[n-2] φ[n] = PI * s[n-1] r[n] = √( s[n] ) X[n] = r * Cos(θ) * Sin(φ) Y[n] = r * Sin(θ) * Sin(φ) Z[n] = r * Cos(φ) • Very similar to above method • Will also highlight dependencies in the data sequnce

  18. Example

  19. Colour – A higher dimension • Colour added using the HSV colour model • Assign first number in sequence a colour, and pass through the spectrum assigning colours to each element • Highlights whether sequence was created in a temporal manner

  20. Results – Win XP

  21. Win XP – SP1

  22. Win XP – SP2

  23. Cisco – IOS 12.1

  24. Fedora Core 3

  25. Hardware RNG

  26. Hardware RNG - Results

  27. Conclusion • PRNG’s are important, and should be carefully selected for an application • ISN’s should be implemented using a good quality PRNG • A hardware RNG is easy to implement, can be easily incorperated in PC’s hardware

  28. Conclusion cont. • Provided a graphical method for testing random numbers • Easier and faster than statistical testing • Will show / identify attractors in data quickly • Size of data set to test?

More Related