Pseudo-randomness in cryptography
This paper explores the pivotal role of randomness in ensuring the robustness of cryptographic systems. By conducting attacks on historically prevalent Pseudo-Random Number Generators (PRNGs), namely - Dual Elliptic Curve Deterministic Bit Number Generator (Dual-EC-DRBG), Truncated Linear Congruenti...
Saved in:
| 主要作者: | |
|---|---|
| 其他作者: | |
| 格式: | Final Year Project |
| 語言: | English |
| 出版: |
Nanyang Technological University
2024
|
| 主題: | |
| 在線閱讀: | https://hdl.handle.net/10356/175094 |
| 標簽: |
添加標簽
沒有標簽, 成為第一個標記此記錄!
|
| 機構: | Nanyang Technological University |
| 語言: | English |
| 總結: | This paper explores the pivotal role of randomness in ensuring the robustness of cryptographic systems. By conducting attacks on historically prevalent Pseudo-Random Number Generators (PRNGs), namely - Dual Elliptic Curve Deterministic Bit Number Generator (Dual-EC-DRBG), Truncated Linear Congruential Generator (LCG), and Mersenne Twister – it demonstrates the causes of inadequate randomness and implications of these significant security vulnerabilities. The analysis reveals how these vulnerabilities can be exploited, undermining the security of their cryptographic applications.
The paper also attacks the RC4 stream cipher, which relies on the randomness of its keystream for security, further illustrating the wide-ranging impact of insufficient pseudo-randomness on cryptographic integrity. The case studies serve to stress the essential need for adopting more sophisticated and unpredictable pseudo-random number generators within cryptographic frameworks.
In addition, the paper defines the criteria for a cryptographically secure pseudo-random number generator (CSPRNG) and outlines the National Institute of Standards and Technology (NIST) randomness test suite, which offers a framework for evaluating the randomness quality of RNG outputs.
The conclusions drawn from this research underscore the indispensable requirement of high-quality randomness in protecting cryptographic infrastructures from advanced threats, calling for continuous advancements and evaluations in PRNG technologies. |
|---|