Pseudo-randomness in cryptography
This paper explores the pivotal role of randomness in ensuring the robustness of cryptographic systems. By conducting attacks on historically prevalent Pseudo-Random Number Generators (PRNGs), namely - Dual Elliptic Curve Deterministic Bit Number Generator (Dual-EC-DRBG), Truncated Linear Congruenti...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
Nanyang Technological University
2024
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/175094 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-175094 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1750942024-04-19T15:42:46Z Pseudo-randomness in cryptography Bansal Arushi Tay Kian Boon School of Computer Science and Engineering kianboon.tay@ntu.edu.sg Computer and Information Science Cryptography This paper explores the pivotal role of randomness in ensuring the robustness of cryptographic systems. By conducting attacks on historically prevalent Pseudo-Random Number Generators (PRNGs), namely - Dual Elliptic Curve Deterministic Bit Number Generator (Dual-EC-DRBG), Truncated Linear Congruential Generator (LCG), and Mersenne Twister – it demonstrates the causes of inadequate randomness and implications of these significant security vulnerabilities. The analysis reveals how these vulnerabilities can be exploited, undermining the security of their cryptographic applications. The paper also attacks the RC4 stream cipher, which relies on the randomness of its keystream for security, further illustrating the wide-ranging impact of insufficient pseudo-randomness on cryptographic integrity. The case studies serve to stress the essential need for adopting more sophisticated and unpredictable pseudo-random number generators within cryptographic frameworks. In addition, the paper defines the criteria for a cryptographically secure pseudo-random number generator (CSPRNG) and outlines the National Institute of Standards and Technology (NIST) randomness test suite, which offers a framework for evaluating the randomness quality of RNG outputs. The conclusions drawn from this research underscore the indispensable requirement of high-quality randomness in protecting cryptographic infrastructures from advanced threats, calling for continuous advancements and evaluations in PRNG technologies. Bachelor's degree 2024-04-19T13:10:25Z 2024-04-19T13:10:25Z 2024 Final Year Project (FYP) Bansal Arushi (2024). Pseudo-randomness in cryptography. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/175094 https://hdl.handle.net/10356/175094 en SCSE23-0538 application/pdf Nanyang Technological University |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Computer and Information Science Cryptography |
| spellingShingle |
Computer and Information Science Cryptography Bansal Arushi Pseudo-randomness in cryptography |
| description |
This paper explores the pivotal role of randomness in ensuring the robustness of cryptographic systems. By conducting attacks on historically prevalent Pseudo-Random Number Generators (PRNGs), namely - Dual Elliptic Curve Deterministic Bit Number Generator (Dual-EC-DRBG), Truncated Linear Congruential Generator (LCG), and Mersenne Twister – it demonstrates the causes of inadequate randomness and implications of these significant security vulnerabilities. The analysis reveals how these vulnerabilities can be exploited, undermining the security of their cryptographic applications.
The paper also attacks the RC4 stream cipher, which relies on the randomness of its keystream for security, further illustrating the wide-ranging impact of insufficient pseudo-randomness on cryptographic integrity. The case studies serve to stress the essential need for adopting more sophisticated and unpredictable pseudo-random number generators within cryptographic frameworks.
In addition, the paper defines the criteria for a cryptographically secure pseudo-random number generator (CSPRNG) and outlines the National Institute of Standards and Technology (NIST) randomness test suite, which offers a framework for evaluating the randomness quality of RNG outputs.
The conclusions drawn from this research underscore the indispensable requirement of high-quality randomness in protecting cryptographic infrastructures from advanced threats, calling for continuous advancements and evaluations in PRNG technologies. |
| author2 |
Tay Kian Boon |
| author_facet |
Tay Kian Boon Bansal Arushi |
| format |
Final Year Project |
| author |
Bansal Arushi |
| author_sort |
Bansal Arushi |
| title |
Pseudo-randomness in cryptography |
| title_short |
Pseudo-randomness in cryptography |
| title_full |
Pseudo-randomness in cryptography |
| title_fullStr |
Pseudo-randomness in cryptography |
| title_full_unstemmed |
Pseudo-randomness in cryptography |
| title_sort |
pseudo-randomness in cryptography |
| publisher |
Nanyang Technological University |
| publishDate |
2024 |
| url |
https://hdl.handle.net/10356/175094 |
| _version_ |
1814047244855279616 |