Somnath Panja,Shaoquan Jiang,Reihaneh Safavi-Naini

2024-05-07

Abstract:Fuzzy extractors (FE) are cryptographic primitives that extract reliable cryptographic key from noisy real world random sources such as biometric sources. The FE generation algorithm takes a source sample, extracts a key and generates some helper data that will be used by the reproduction algorithm to recover the key. Reusability of FE guarantees that security holds when FE is used multiple times with the same source, and robustness of FE requires tampering with the helper data be detectable.

Cryptography and Security

Hong Jie Ng,Wen Yu Kon,Ignatius William Primaatmaja,Chao Wang,Charles Lim

DOI: https://doi.org/10.1103/physrevapplied.21.034005

IF: 4.6

2024-03-06

Physical Review Applied

Abstract:Randomness extraction is an essential postprocessing step in practical quantum cryptography systems. When statistical fluctuations are taken into consideration, the requirement of large-input data size could heavily penalize the speed and resource consumption of the randomness-extraction process, thereby limiting the overall system performance. In this work, we propose a sampled subblock hashing approach to circumvent this problem by randomly dividing the large-input block into multiple subblocks and processing them individually. Through simulations and experiments, we demonstrate that our method achieves an order-of-magnitude increase in system throughput while keeping the resource utilization low. Furthermore, our proposed approach is applicable to a generic class of quantum cryptographic protocols that satisfy the generalized entropy-accumulation framework, presenting a highly promising and general solution for high-speed postprocessing in quantum cryptographic applications such as quantum key distribution and quantum random number generation. https://doi.org/10.1103/PhysRevApplied.21.034005 Published by the American Physical Society under the terms of the Creative Commons Attribution 4.0 International license. Further distribution of this work must maintain attribution to the author(s) and the published article's title, journal citation, and DOI. Published by the American Physical Society

physics, applied

Hong Jie Ng,Wen Yu Kon,Ignatius William Primaatmaja,Chao Wang,Charles Lim

DOI: https://doi.org/10.1103/PhysRevApplied.21.034005

2023-08-05

Abstract:Randomness extraction is an essential post-processing step in practical quantum cryptography systems. When statistical fluctuations are taken into consideration, the requirement of large input data size could heavily penalise the speed and resource consumption of the randomness extraction process, thereby limiting the overall system performance. In this work, we propose a sampled sub-block hashing approach to circumvent this problem by randomly dividing the large input block into multiple sub-blocks and processing them individually. Through simulations and experiments, we demonstrate that our method achieves an order-of-magnitude improvement in system throughput while keeping the resource utilisation low. Furthermore, our proposed approach is applicable to a generic class of quantum cryptographic protocols that satisfy the generalised entropy accumulation framework, presenting a highly promising and general solution for high-speed post-processing in quantum cryptographic applications such as quantum key distribution and quantum random number generation.

Quantum Physics

Fu Li,David Zuckerman

DOI: https://doi.org/10.4230/lipics.approx-random.2019.72

2018-01-01

Abstract:We study the task of seedless randomness extraction from recognizable sources, which are uniform distributions over sets of the form { x : f ( x ) = 1 } for functions f in some specified class C . We give two simple methods for constructing seedless extractors for C -recognizable sources. Our first method shows that if C admits XOR amplification, then we can construct a seedless extractor for C -recognizable sources by using a mildly hard function for C as a black box. By exploiting this reduction, we give polynomial-time, seedless randomness extractors for three natural recognizable sources: (1) constant-degree algebraic sources over any prime field, where constant-degree algebraic sources are uniform distributions over the set of zeros of a system of constant degree polynomials; (2) sources recognizable by randomized multiparty communication protocols of cn bits, where c > 0 is a small enough constant; (3) halfspace sources, or sources recognizable by linear threshold functions. In particular, the new extractor for each of these three sources has linear output length and exponentially small error for min-entropy k ≥ (1 − α ) n , where α > 0 is a small enough constant. Our second method shows that a seed-extending pseudorandom generator with exponentially small error for C yields an extractor with exponentially small error for C -recognizable sources, improving a reduction by Kinne, Melkebeek, and Shaltiel [16]. Using the hardness of the parity function against AC 0 [13], we significantly improve Shaltiel’s extractor [25] for AC 0 -recognizable sources. Finally, assuming sufficiently strong one-way permutations, we construct seedless extractors for sources recognizable by BPP algorithms, and these extractors run in quasi-polynomial time.

Douglas Cenzer,Christopher P. Porter

DOI: https://doi.org/10.48550/arXiv.2103.03971

2021-03-06

Abstract:In this article, we study a notion of the extraction rate of Turing functionals that translate between notions of randomness with respect to different underlying probability measures. We analyze several classes of extraction procedures: a first class that generalizes von Neumann's trick for extracting unbiased randomness from the tosses of a biased coin, a second class based on work of generating biased randomness from unbiased randomness by Knuth and Yao, and a third class independently developed by Levin and Kautz that generalizes the data compression technique of arithmetic coding. For the first two classes of extraction procedures, we identify a level of algorithmic randomness for an input that guarantees that we attain the extraction rate along that input, while for the third class, we calculate the rate attained along sufficiently random input sequences.

Logic

Cameron Foreman,Richie Yeung,Florian J. Curchod

2024-03-28

Abstract:Random number generators (RNGs) are notoriously hard to build and test, especially in a cryptographic setting. Although one cannot conclusively determine the quality of an RNG by testing the statistical properties of its output alone, running numerical tests is both a powerful verification tool and the only universally applicable method. In this work, we present and make available a comprehensive statistical testing environment (STE) that is based on existing statistical test suites. The STE can be parameterised to run lightweight (i.e. fast) all the way to intensive testing, which goes far beyond what is required by certification bodies. With it, we benchmark the statistical properties of several RNGs, comparing them against each other. We then present and implement a variety of post-processing methods, in the form of randomness extractors, which improve the RNG's output quality under different sets of assumptions and analyse their impact through numerical testing with the STE.

Cryptography and Security,Quantum Physics

Dean Doron,João Ribeiro

2024-11-12

Abstract:(abstract shortened due to space constraints) Existing constructions of seeded extractors with short seed length and large output length run in time $\Omega(n \log(1/\varepsilon))$ and often slower, where $n$ is the input source length and $\varepsilon$ is the error of the extractor. Since cryptographic applications of extractors require $\varepsilon$ to be small, the resulting runtime makes these extractors unusable in practice. Motivated by this, we explore constructions of strong seeded extractors with short seeds computable in nearly-linear time $O(n \log^c n)$, for any error $\varepsilon$. We show that an appropriate combination of modern condensers and classical approaches for constructing seeded extractors for high min-entropy sources yields strong extractors for $n$-bit sources with any min-entropy $k$ and any target error $\varepsilon$ with seed length $d=O(\log(n/\varepsilon))$ and output length $m=(1-\eta)k$ for an arbitrarily small constant $\eta>0$, running in nearly-linear time, after a reasonable one-time preprocessing step (finding a primitive element of $\mathbb{F}_q$ with $q=poly(n/\varepsilon)$ a power of $2$) that is only required when $k<2^{C\log^* n}\cdot\log^2(n/\varepsilon)$, for a constant $C>0$ and $\log^*$ the iterated logarithm, and which can be implemented in time $polylog(n/\varepsilon)$ under mild conditions on $q$. As a second contribution, we give an instantiation of Trevisan's extractor that can be evaluated in truly linear time in the RAM model, as long as the number of output bits is at most $\frac{n}{\log(1/\varepsilon)polylog(n)}$. Previous fast implementations of Trevisan's extractor ran in $\widetilde{O}(n)$ time in this setting. In particular, these extractors directly yield privacy amplification protocols with the same time complexity and output length, and communication complexity equal to their seed length.

Computational Complexity,Cryptography and Security,Information Theory

Hongchao Zhou,Jehoshua Bruck

DOI: https://doi.org/10.48550/arXiv.1209.0734

2012-09-05

Abstract:We study the problem of extracting a prescribed number of random bits by reading the smallest possible number of symbols from non-ideal stochastic processes. The related interval algorithm proposed by Han and Hoshi has asymptotically optimal performance; however, it assumes that the distribution of the input stochastic process is known. The motivation for our work is the fact that, in practice, sources of randomness have inherent correlations and are affected by measurement's noise. Namely, it is hard to obtain an accurate estimation of the distribution. This challenge was addressed by the concepts of seeded and seedless extractors that can handle general random sources with unknown distributions. However, known seeded and seedless extractors provide extraction efficiencies that are substantially smaller than Shannon's entropy limit. Our main contribution is the design of extractors that have a variable input-length and a fixed output length, are efficient in the consumption of symbols from the source, are capable of generating random bits from general stochastic processes and approach the information theoretic upper bound on efficiency.

Information Theory,Cryptography and Security,Probability

Qian Li,Xiaoming Sun,Xingjian Zhang,Hongyi Zhou

2024-01-12

Abstract:Randomness extraction is a key problem in cryptography and theoretical computer science. With the recent rapid development of quantum cryptography, quantum-proof randomness extraction has also been widely studied, addressing the security issues in the presence of a quantum adversary. In contrast with conventional quantum-proof randomness extractors characterizing the input raw data as min-entropy sources, we find that the input raw data generated by a large class of trusted-device quantum random number generators can be characterized as the so-called reverse block source. This fact enables us to design improved extractors. Specifically, we propose two novel quantum-proof randomness extractors for reverse block sources that realize real-time block-wise extraction. In comparison with the general min-entropy randomness extractors, our designs achieve a significantly higher extraction speed and a longer output data length with the same seed length. In addition, they enjoy the property of online algorithms, which process the raw data on the fly without waiting for the entire input raw data to be available. These features make our design an adequate choice for the real-time post-processing of practical quantum random number generators. Applying our extractors to the raw data generated by a widely used quantum random number generator, we achieve a simulated extraction speed as high as $300$ Gbps.

Quantum Physics

Tong Zhou,Mingyan Yu,YIzheng Ye

DOI: https://doi.org/10.1109/mwscas.2006.381785

2006-01-01

Abstract:This paper presents a high-speed truly random number generator based on a simple chaotic map of the Bernoulli shift, which is extended to keep robustness in practical implementation. The design is realized by switched- current techniques that can make it be fully integrated in embedded cryptosystems. And a pipelined architecture post- processed by a SHA-1 hardware module is proposed to improve the throughput and the randomness statistical properties. The whole design is implemented in UMC 0.18 mum CMOS mixed signal process, and the statistical properties are investigated by post-simulations. The power consumption is low and the truly random output bit rate can get to 266 Mbit/s.

Cameron Foreman,Lluis Masanes

2024-03-08

Abstract:Device-independent (DI) quantum cryptography aims at providing secure cryptography with minimal trust in, or characterisation of, the underlying quantum devices. An essential step in DI protocols is randomness extraction (or privacy amplification) which requires the honest parties to have a seed of additional bits with sufficient entropy and statistical independence of any bits generated during the protocol. In this work we introduce a method for extraction in DI protocols which does not require a seed and is secure against computationally unbounded quantum adversary. The key idea is to use the Bell violation of the raw data, instead of its min-entropy, as the extractor promise.

Quantum Physics

Seung-Il Kim,Hyeong-Jin You,Myung-Su Kim,Un-Shi An,Moon-Seok Kim,Do Hoon Lee,Seung-Tak Ryu,Yang-Kyu Choi

DOI: https://doi.org/10.1126/sciadv.adk6042

IF: 13.6

2024-02-24

Science Advances

Abstract:We design a cryptographic transistor (cryptoristor)–based true random number generator (tRNG) with low power consumption and small footprint. This is the first attempt to use irregular and unpredictable operation-induced randomness of a cryptoristor as an entropy source. To extract discrete random numbers with a binary code from the cryptoristor, we developed a noise-coupling analog-to-digital converter. This converter not only converts analog signals to digital random bits but also improves the randomness of the entropy source with low power consumption. The randomness of the cryptoristor is attributed to the random carrier multiplications with the creation and stochastic carrier escape as destruction, which occurs iteratively as long as the input current is fed. The cryptoristor-based tRNG passed 15 randomness test suites of NIST Special Publication 800-22. It is robust to iterative operational stresses and to ambient temperature changes, making it an attractive option for hardware-based security solutions in the Internet of Things due to its low power consumption and small size.

multidisciplinary sciences

Anurag K S V,Raghavan G,Kanaka Raju P.

DOI: https://doi.org/10.1088/1402-4896/ad587f

2024-06-16

Physica Scripta

Abstract:Random Number Generators (RNGs) are devices whose utility spans from cryptography to gambling. Depending on the source of the random seed, RNGs are classified as Pseudo-Random Number Generators (PRNGs), which are based on mathematical algorithms, True Random Number Generators (TRNGs) sourced through seemingly random physical processes, and finally, Quantum Random Number Generators (QRNGs) which harness the intrinsic randomness of measured outcomes of quantum states. To ensure that the output of a QRNG is private and nearly uniform, the raw data undergoes a strong extraction process such as Toeplitz or Trevisan Hashing. The extraction process needs to be extremely efficient to achieve high-speed random number generation. The present work demonstrates state-of-the-art methods for performing information-theoretically provable randomness extraction using variations of the Toeplitz Hashing algorithm. These algorithms are implemented on various hardware for comprehensive analysis. Subsequently, these methods are applied to two raw data sets from a PRNG source and a quantum source. A new benchmark of 19.5 Gbps for Randomness Extraction using the Fast Fourier Transform-based Toeplitz Strong Extractor is demonstrated in this work. The implementation of the algorithm on a GPU-based system demonstrates notably enhanced speed, marking a significant leap beyond the existing state-of-the-art implementations.

physics, multidisciplinary

Xin Li,Yan Zhong

2024-04-26

Abstract:Non-malleable extractors are generalizations and strengthening of standard randomness extractors, that are resilient to adversarial tampering. Such extractors have wide applications in cryptography and explicit construction of extractors. In the well-studied models of two-source and affine non-malleable extractors, the previous best constructions only work for entropy rate $>2/3$ and $1-\gamma$ respectively by Li (FOCS' 23).

Computational Complexity,Combinatorics

Anindya De,Christopher Portmann,Thomas Vidick,Renato Renner

DOI: https://doi.org/10.1137/100813683

2012-06-19

Abstract:Randomness extraction involves the processing of purely classical information and is therefore usually studied in the framework of classical probability theory. However, such a classical treatment is generally too restrictive for applications, where side information about the values taken by classical random variables may be represented by the state of a quantum system. This is particularly relevant in the context of cryptography, where an adversary may make use of quantum devices. Here, we show that the well known construction paradigm for extractors proposed by Trevisan is sound in the presence of quantum side information. We exploit the modularity of this paradigm to give several concrete extractor constructions, which, e.g, extract all the conditional (smooth) min-entropy of the source using a seed of length poly-logarithmic in the input, or only require the seed to be weakly random.

Quantum Physics,Computational Complexity,Cryptography and Security

Ram Soorat,Madhuri K.,Ashok Vudayagiri

DOI: https://doi.org/10.48550/arXiv.1510.01234

2015-10-06

Abstract:One of the key requirement of many schemes is that of random numbers. Sequence of random numbers are used at several stages of a standard cryptographic protocol. A simple example is of a Vernam cipher, where a string of random numbers is added to massage string to generate the encrypted code. It is represented as $C=M \oplus K $ where $M$ is the message, $K$ is the key and $C$ is the ciphertext. It has been mathematically shown that this simple scheme is unbreakable is key K as long as M and is used only once. For a good cryptosystem, the security of the cryptosystem is not be based on keeping the algorithm secret but solely on keeping the key secret. The quality and unpredictability of secret data is critical to securing communication by modern cryptographic techniques. Generation of such data for cryptographic purposes typically requires an unpredictable physical source of random data. In this manuscript, we present studies of three different methods for producing random number. We have tested them by studying its frequency, correlation as well as using the test suit from NIST.

Computational Physics,Cryptography and Security,Instrumentation and Detectors

Claude Gravel

DOI: https://doi.org/10.48550/arXiv.2101.02345

2021-01-07

Information Theory

Abstract:An iterative randomness extraction algorithm which generalized the Von Neumann's extraction algorithm is detailed, analyzed and implemented in standard C++. Given a sequence of independently and identically distributed biased Bernoulli random variables, to extract randomness from the aforementioned sequence pertains to produce a new sequence of independently and identically distributed unbiased Bernoulli random variables. The iterative construction here is inspired from the work of Stout and Warren 1984 who modified appropriately the tree of probabilities produced by recursively repeating the Von Neumann's extraction algorithm. The correctness of the iterative algorithm is proven. The number of biased Bernoulli random variables needed to produce one unbiased instance is the complexity of interest. The complexity depends on the bias of the source. The expected complexity converges toward 3.10220648... when the bias tends to 0 and diverges when the bias tends to 1/2. In addition to the expected complexity, some other results that concern the limiting asymptotic construction, and that seem unnoticed in the literature so far, are proven.

Qian Li,Hongyi Zhou

2024-01-29

Abstract:Quantum-proof randomness extraction is essential for handling quantum side information possessed by a quantum adversary, which is widely applied in various quantum cryptography tasks. In this study, we introduce a real-time two-source quantum randomness extractor against quantum side information. Our extractor is tailored for forward block sources, a novel category of min-entropy sources introduced in this work. These sources retain the flexibility to accommodate a broad range of quantum random number generators. Our online algorithms demonstrate the extraction of a constant fraction of min-entropy from two infinitely long independent forward block sources. Moreover, our extractor is inherently block-wise parallelizable, presenting a practical and efficient solution for the timely extraction of high-quality randomness. Applying our extractors to the raw data of one of the most commonly used quantum random number generators, we achieve a simulated extraction speed as high as 64 Gbps.

Quantum Physics

Yan Zhu,Di Ma,Changjun Hu,Gail-Joon Ahn,Hongxin Hu

DOI: https://doi.org/10.1016/j.jnca.2014.07.033

IF: 7.574

2014-01-01

Journal of Network and Computer Applications

Abstract:Many random functions, like Hash, MAC, PRG, have been used in various network applications for different security choices. However, they are either fast but insecure or cryptographic secure but slow. To integrate them together, in this paper we present a new family of square random functions, including SqHash, SqMAC and SqPRG, based on a specially truncated function (MSB or LSB), as well as circular convolution with carry bits. Provable security is provided by the privacy property in hidden number problem and Hard-core unpredication of one-way function. The experiment results show that these schemes have better performance under different input and output lengths. We also perform four types of statistical tests for randomness. The experiments indicate that our construction has good average-case randomness than SHA-2 and original Square algorithm.

Jérémie Lumbroso

DOI: https://doi.org/10.48550/arXiv.1304.1916

2013-04-07

Abstract:This article introduces an algorithm to draw random discrete uniform variables within a given range of size n from a source of random bits. The algorithm aims to be simple to implement and optimal both with regards to the amount of random bits consumed, and from a computational perspective---allowing for faster and more efficient Monte-Carlo simulations in computational physics and biology. I also provide a detailed analysis of the number of bits that are spent per variate, and offer some extensions and applications, in particular to the optimal random generation of permutations.

Data Structures and Algorithms,Probability,Computational Physics,Data Analysis, Statistics and Probability