pseudorandom number generator
Recently Published Documents

Total documents: 212 (five years: 57)
H-index: 17 (five years: 3)

TEM Journal, 2021, pp. 1495-1499
Author(s): Pavel Tomášek, Hana Tomášková, Jakub Rak

High quality pseudorandom number generators were needed in many software solutions throughout the history of programming. Nowadays, these generators play an even more significant role in software development. Generally, these generators bring a certain level of coincidence in some algorithms which need it. This work focuses on the statistical evaluation of one of the representatives of the generators using Pearson's Chi-square goodness of fit test. The generator of pseudorandom numbers under test is the specific implementation in the modern standard of the programming language of C++ (the standard of C++17). Results presented in this paper inform whether the numbers generated by the selected generator follow the desired probability distribution (normal).


Author(s): Rei Ueno, Keita Xagawa, Yutaro Tanaka, Akira Ito, Junko Takahashi, ...

This paper presents a side-channel analysis (SCA) on key encapsulation mechanism (KEM) based on the Fujisaki–Okamoto (FO) transformation and its variants. The FO transformation has been widely used in actively securing KEMs from passively secure public key encryption (PKE), as it is employed in most of NIST post-quantum cryptography (PQC) candidates for KEM. The proposed attack exploits side-channel leakage during execution of a pseudorandom function (PRF) or pseudorandom number generator (PRG) in the re-encryption of KEM decapsulation as a plaintext-checking oracle that tells whether the PKE decryption result is equivalent to the reference plaintext. The generality and practicality of the plaintext-checking oracle allow the proposed attack to attain a full-key recovery of various KEMs when an active attack on the underlying PKE is known. This paper demonstrates that the proposed attack can be applied to most NIST PQC third-round KEM candidates, namely, Kyber, Saber, FrodoKEM, NTRU, NTRU Prime, HQC, BIKE, and SIKE (for BIKE, the proposed attack achieves a partial key recovery). The applicability to Classic McEliece is unclear because there is no known active attack on this cryptosystem. This paper also presents a side-channel distinguisher design based on deep learning (DL) for mounting the proposed attack on practical implementation without the use of a profiling device. The feasibility of the proposed attack is evaluated through experimental attacks on various PRF implementations (a SHAKE software, an AES software, an AES hardware, a bit-sliced masked AES software, and a masked AES hardware based on threshold implementation). Although it is difficult to implement the oracle using the leakage from the TI-based masked hardware, the success of the proposed attack against these implementations (even except for the masked hardware), which include masked software, confirms its practicality.


Author(s): Hai T. Nguyen, Giao N. Pham, Anh N. Bui, Binh A. Nguyen, ...

In digital system design, the Linear Feedback Shift Register (LFSR) is the queen of logic functions, and design engineers can use the LFSR in both hardware (HW) and software (SW) implementations. In this paper, the LFSR is discussed in its HW implementation via a hardware description language. In addition, the application of the LFSR in pseudorandom number generators (PRNG), direct sequence spread spectrum (DSSS), and cyclic redundancy checks (CRC) is also given.
Keywords: Digital system design, System on chip, ASIC digital design, Linear feedback shift register


2021, Vol 5 (OOPSLA), pp. 1-31
Author(s): Guy L. Steele Jr., Sebastiano Vigna

In 2014, Steele, Lea, and Flood presented SplitMix, an object-oriented pseudorandom number generator (prng) that is quite fast (9 64-bit arithmetic/logical operations per 64 bits generated) and also splittable. A conventional prng object provides a generate method that returns one pseudorandom value and updates the state of the prng; a splittable prng object also has a second operation, split, that replaces the original prng object with two (seemingly) independent prng objects, by creating and returning a new such object and updating the state of the original object. Splittable prng objects make it easy to organize the use of pseudorandom numbers in multithreaded programs structured using fork-join parallelism. This overall strategy still appears to be sound, but the specific arithmetic calculation used for generate in the SplitMix algorithm has some detectable weaknesses, and the period of any one generator is limited to 2^64. Here we present the LXM family of prng algorithms. The idea is an old one: combine the outputs of two independent prng algorithms, then (optionally) feed the result to a mixing function. An LXM algorithm uses a linear congruential subgenerator and an F_2-linear subgenerator; the examples studied in this paper use a linear congruential generator (LCG) of period 2^16, 2^32, 2^64, or 2^128 with one of the multipliers recommended by L'Ecuyer or by Steele and Vigna, and an F_2-linear xor-based generator (XBG) of the xoshiro family or xoroshiro family as described by Blackman and Vigna. For mixing functions we study the MurmurHash3 finalizer function; variants by David Stafford, Doug Lea, and degski; and the null (identity) mixing function. Like SplitMix, LXM provides both a generate operation and a split operation. Also like SplitMix, LXM requires no locking or other synchronization (other than the usual memory fence after instance initialization), and is suitable for use with simd instruction sets because it has no branches or loops.
We analyze the period and equidistribution properties of LXM generators, and present the results of thorough testing of specific members of this family, using the TestU01 and PractRand test suites, not only on single instances of the algorithm but also for collections of instances, used in parallel, ranging in size from 2 to 2^24. Single instances of LXM that include a strong mixing function appear to have no major weaknesses, and LXM is significantly more robust than SplitMix against accidental correlation in a multithreaded setting. We believe that LXM, like SplitMix, is suitable for "everyday" scientific and machine-learning applications (but not cryptographic applications), especially when concurrent threads or distributed processes are involved.


2021, Vol 2021, pp. 1-12
Author(s): Hongyan Zang, Yue Yuan, Xinyuan Wei

This paper proposes three types of one-dimensional piecewise chaotic maps and two types of symmetrical piecewise chaotic maps and presents five theorems. Furthermore, some examples that satisfy the theorems are constructed, and an analysis and model of the dynamic properties are discussed. The construction methods proposed in this paper have a certain generality and provide a theoretical basis for constructing a new discrete chaotic system. In addition, this paper designs a pseudorandom number generator based on piecewise chaotic map and studies its application in cryptography. Performance evaluation shows that the generator can generate high quality random sequences efficiently.


Author(s): Annapurna Valiveti, Srinivas Vivek

Masking using randomised lookup tables is a popular countermeasure for side-channel attacks, particularly at small masking orders. An advantage of this class of countermeasures for masking S-boxes compared to ISW-based masking is that it supports pre-processing and thus significantly reduces the amount of computation to be done after the unmasked inputs are available. Indeed, the "online" computation can be as fast as just a table lookup. But the size of the randomised lookup table increases linearly with the masking order, and hence the RAM memory required to store pre-processed tables becomes infeasible for higher masking orders. Hence demonstrating the feasibility of full pre-processing of higher-order lookup table-based masking schemes on resource-constrained devices has remained an open problem. In this work, we solve the above problem by implementing a higher-order lookup table-based scheme using an amount of RAM memory that is essentially independent of the masking order. More concretely, we reduce the amount of RAM memory needed for the table-based scheme of Coron et al. (TCHES 2018) approximately by a factor equal to the number of shares. Our technique is based upon the use of a pseudorandom number generator (PRG) to minimise the randomness complexity of ISW-based masking schemes, as proposed by Ishai et al. (ICALP 2013) and Coron et al. (Eurocrypt 2020). Hence we show that for lookup table-based masking schemes, the use of a PRG not only reduces the randomness complexity (now logarithmic in the size of the S-box) but also the memory complexity, and without any significant increase in the overall running time. We have implemented in software the higher-order table-based masking scheme of Coron et al. (TCHES 2018) at tenth order with full pre-processing of a single execution of all the AES S-boxes on an ARM Cortex-M4 device that has 256 KB RAM memory. Our technique requires only 41.2 KB of RAM memory, whereas the original scheme would have needed 440 KB. Moreover, our 8-bit implementation results demonstrate that the online execution time of our variant is about 1.5 times faster compared to the 8-bit bitsliced masked implementation of AES-128.


2021
Author(s): Xiaoyuan Wang, Meng Gao, Herbert Ho-Ching Iu, Chunhua Wang

Recently, the nonlinear dynamics of the memristor has attracted much attention. In this paper, a novel four-dimensional hyper-chaotic system (4D-HCS) is proposed by introducing a tri-valued memristor to the famous Lü system. Theoretical analysis shows that the 4D-HCS has complex chaotic dynamics such as hidden attractors and coexistent attractors, and it has a larger maximum Lyapunov exponent and chaotic parameter space than the original Lü system. We also experimentally analyze the dynamic behaviors of the 4D-HCS in terms of the phase diagram, Poincaré mapping, bifurcation diagram, Lyapunov exponent spectrum, and the correlation coefficient, and the analysis results show the complex dynamic characteristics of the proposed 4D-HCS. In addition, the comparison with a binary-valued memristor-based chaotic system shows that the 4D-HCS has unique characteristics such as hyper-chaos and coexistent attractors. To show the easy implementation of the 4D-HCS, we implement the 4D-HCS on an analogue circuit-based hardware platform, and the implementation results are consistent with the theoretical analysis. Finally, using the 4D-HCS, we design a pseudorandom number generator to explore its potential application in cryptography.


IoT, 2021, Vol 2 (3), pp. 375-400
Author(s): Amy Vennos, Kiernan George, Alan Michaels

This paper explores the security of a single-stage residue number system (RNS) pseudorandom number generator (PRNG), which has previously been shown to provide extremely high-quality outputs when evaluated through available RNG statistical test suites or using Shannon and single-stage Kolmogorov entropy metrics. In contrast, rather than blindly performing statistical analyses on the outputs of the single-stage RNS PRNG, this paper provides both white box and black box analyses that facilitate reverse engineering of the underlying RNS number generation algorithm to obtain the residues, or equivalently the key, of the RNS algorithm. We develop and demonstrate a conditional entropy analysis that permits extraction of the key given a priori knowledge of state transitions, as well as reverse engineering of the RNS PRNG algorithm and parameters (but not the key) in problems where the multiplicative RNS characteristic is too large to obtain a priori state transitions. We then discuss multiple defenses and perturbations for the RNS system that fool the original attack algorithm, including deliberate noise injection and code hopping. We present a modification to the algorithm that accounts for deliberate noise, but rapidly increases the search space and complexity. Lastly, we discuss the memory requirements and time required for the attacker and defender to maintain these defenses.

