Statistical Randomness Tests of Long Sequences by Dynamic Partitioning

With the rapid increase in computer storage capabilities, user data has become increasingly important. Although user data can be maintained by various protection techniques, its safety has been threatened by the advent of ransomware, defined as malware that encrypts user data, such as documents, photographs and videos, and demands money to victims in exchange for data recovery. Ransomware-infected files can be recovered only by obtaining the encryption key used to encrypt the files. However, the encryption key is derived using a Pseudo Random Number Generator (PRNG) and is recoverable only by the attacker. For this reason, the encryption keys of malware are known to be difficult to obtain. In this paper, we analyzed Magniber v2, which has exerted a large impact in the Asian region. We revealed the operation process of Magniber v2 including PRNG and file encryption algorithms. In our analysis, we found a vulnerability in the PRNG of Magniber v2 developed by the attacker. We exploited this vulnerability to successfully recover the encryption keys, which was by verified the result in padding verification and statistical randomness tests. To our knowledge, we report the first recovery result of Magniber v2-infected files.

Download Full-text

New Statistical Randomness Tests Based on Length of Runs

Mathematical Problems in Engineering ◽

10.1155/2015/626408 ◽

2015 ◽

Vol 2015 ◽

pp. 1-14 ◽

Cited By ~ 5

Author(s):

Ali Doğanaksoy ◽

Fatih Sulak ◽

Muhiddin Uğuz ◽

Okan Şeker ◽

Ziya Akcengiz

Keyword(s):

Statistical Tests ◽

Random Sequence ◽

Cryptographic Protocols ◽

Experimental Results ◽

Security Evaluation ◽

Random Numbers ◽

Statistical Distributions ◽

Cryptographic Algorithm ◽

Encryption Algorithms ◽

Randomness Tests

Random sequences and random numbers constitute a necessary part of cryptography. Many cryptographic protocols depend on random values. Randomness is measured by statistical tests and hence security evaluation of a cryptographic algorithm deeply depends on statistical randomness tests. In this work we focus on statistical distributions of runs of lengths one, two, and three. Using these distributions we state three new statistical randomness tests. New tests useχ2distribution and, therefore, exact values of probabilities are needed. Probabilities associated runs of lengths one, two, and three are stated. Corresponding probabilities are divided into five subintervals of equal probabilities. Accordingly, three new statistical tests are defined and pseudocodes for these new statistical tests are given. New statistical tests are designed to detect the deviations in the number of runs of various lengths from a random sequence. Together with some other statistical tests, we analyse our tests’ results on outputs of well-known encryption algorithms and on binary expansions ofe,π, and2. Experimental results show the performance and sensitivity of our tests.

Download Full-text

Task-based clustering method for the dynamic partitioning management in CVE systems

WiMob'2005), IEEE International Conference on Wireless And Mobile Computing, Networking And Communications, 2005. ◽

10.1109/wimob.2005.1512961 ◽

2006 ◽

Author(s):

Hu Xiaomei ◽

Zhai Zhengjun ◽

Cai Xiaobin

Keyword(s):

Clustering Method ◽

Dynamic Partitioning

Download Full-text

Adaptative backtrace and dynamic partitioning enhance ATPG (IC testing)

Proceedings 1988 IEEE International Conference on Computer Design: VLSI ◽

10.1109/iccd.1988.25660 ◽

2003 ◽

Cited By ~ 4

Author(s):

A. Lioy

Keyword(s):

Dynamic Partitioning ◽

Ic Testing

Download Full-text

More Powerful and Reliable Second-Level Statistical Randomness Tests for NIST SP 800-22

Advances in Cryptology – ASIACRYPT 2016 - Lecture Notes in Computer Science ◽

10.1007/978-3-662-53887-6_11 ◽

2016 ◽

pp. 307-329 ◽

Cited By ~ 6

Author(s):

Shuangyi Zhu ◽

Yuan Ma ◽

Jingqiang Lin ◽

Jia Zhuang ◽

Jiwu Jing

Keyword(s):

Randomness Tests

Download Full-text

On the correlation and sensitivity of so far statistical randomness tests based on runs

Journal of Science and Technology on Information security ◽

10.54654/isj.v2i14.212 ◽

2022 ◽

Vol 2 (14) ◽

pp. 55-65

Author(s):

Hoang Dinh Linh ◽

Do Dai Chi ◽

Nguyen Tuan Anh ◽

Le Thao Uyen

Keyword(s):

Statistical Tests ◽

Random Sequence ◽

Random Numbers ◽

Expected Number ◽

Cryptographic Primitives ◽

Pearson Coefficient ◽

Strong Linear Correlation ◽

Cryptographic Algorithms ◽

Coefficient Method ◽

Randomness Tests

Abstract—Random numbers play a very important role in cryptography. More precisely, almost cryptographic primitives are ensured their security based on random values such as random key, nonces, salts... Therefore, the assessment of randomness according to statistical tests is really essential for measuring the security of cryptographic algorithms. In this paper, we focus on so far randomness tests based on runs in the literature. First, we have proved in detail that the expected number of gaps (or blocks) of length in a random sequence of length is . Secondly, we have evaluated correlation of some tests based on runs so far using Pearson coefficient method [5, 6] and Fail-Fail ratio one [7, 8]. Surprisingly, the Pearson coefficient method do not show any strong linear correlation of these runs-based tests but the Fail-Fail ratio do. Then, we have considered the sensitivity of these runs tests with some basic transformations. Finally, we have proposed some new runs tests based on the sensitivity results and applied evaluations to some random sources. Tóm tắt—Số ngẫu nhiên đóng một vai trò quan trọng trong mật mã. Cụ thể, độ an toàn của hầu hết các nguyên thủy mật mã đều được đảm bảo dựa trên các giá trị ngẫu nhiên như khóa, nonce, salt… Do đó, việc đánh giá tính ngẫu nhiên dựa trên các kiểm tra thống kê là thực sự cần thiết để đo độ an toàn cho các thuật toán mật mã. Trong bài báo này, chúng tôi tập trung vào các kiểm tra ngẫu nhiên dựa vào run trong các tài liệu. Đầu tiên, chúng tôi chứng minh chi tiết rằng kỳ vọng số các gap (khối) độ dài trong một chuỗi ngẫu nhiên độ dài là . Sau đó, chúng tôi đánh giá mối tương quan của một số kiểm tra dựa vào run bằng phương pháp hệ số Pearson [5, 6] và tỷ số Fail-Fail [7, 8]. Đáng ngạc nhiên là phương pháp hệ số Pearson không cho thấy bất kỳ mối tương quan tuyến tính mạnh nào của các kiểm tra dựa vào run, trong khi đó tỷ số Fail-Fail lại chỉ ra. Tiếp theo, chúng tôi xem xét độ nhạy của các kiểm tra run này với một số phép biến đổi cơ bản. Cuối cùng, chúng tôi đề xuất một số kiểm tra run mới dựa trên các kết quả độ nhạy và đánh giá áp dụng chúng cho một số nguồn ngẫu nhiên.

Download Full-text