Dawei Li,Yier Jin,Haibin Shen,Xiaolang Yan

DOI: https://doi.org/10.1109/ICCIAS.2006.295264

2006-01-01

Abstract:Based upon the analysis of random number generators (RNGs) which amplify noise directly, the paper proposes a new design theory to generate random number by combining noise source and chaotic transformation in analog circuit. According to the design guideline, the paper analyzes some characteristics of chaotic map, and proves the key character of smoothing. The paper also introduces how to choose parameters when employing these chaotic transformation maps and the test results of chips designed according to this method is given. Also, the proposed design can intrinsically protect the unpredictability of generated random numbers against some attacks on noise sources

Arup Mondal,Ruthu Hulikal Rooparaghunath,Debayan Gupta

2023-10-19

Abstract:Buoyed by the excitement around secure decentralized applications, the last few decades have seen numerous constructions of distributed randomness beacons (DRB) along with use cases; however, a secure DRB (in many variations) remains an open problem. We further note that it is natural to want some kind of reward for participants who spend time and energy evaluating the randomness beacon value -- this is already common in distributed protocols. In this work, we present RandGener, a novel $n$-party commit-reveal-recover (or collaborative) DRB protocol with a novel reward and penalty mechanism along with a set of realistic guarantees. We design our protocol using trapdoor watermarkable verifiable delay functions in the RSA group setting (without requiring a trusted dealer or distributed key generation).

Cryptography and Security

Zhijie Jerry Shi,Fan Zhang

2006-01-01

Abstract:Elliptic curve cryptography (ECC) has attracted a lot of attention because it can provide similar levels of security with much shorter keys than the arithmetic of multiple-precision integers in finite fields, which has been widely used in many public-key and key-exchange algorithms. Small key sizes are especially important to resource constrained devices as shorter keys require less storage space and consume less power to transmit and compute. However, ECC algorithms are vulnerable to power analysis attacks, which exploit the instantaneous power consumptions of computing devices to retrieve secret data. Many countermeasures have been proposed to make ECC implementations secure against power analysis. One of the approaches is randomized algorithms that generate different power traces even if the input of the algorithm is the same. For example, the randomized scalar point multiplication algorithm proposed by Oswald et al. combines two algorithms and uses random variables to decide which algorithm to follow at different stages of the execution. The randomized algorithm can thwart traditional power analysis attacks. However, in this paper, we propose an effective attack on the randomized algorithms. Our attack does not require a large number of power traces and has a very high success rate.

Chao-Hsien Hsieh,Xinyu Yao,Qing Zhang,Mengchen Lv,Ruobing Wang,Bingxue Ni

DOI: https://doi.org/10.1109/access.2022.3206450

IF: 3.9

2022-09-27

IEEE Access

Abstract:Random numbers are widely used in numerical computing, statistical simulation, random sampling, etc. At present, the mechanism for generating random numbers by computers is at risk of being attacked. The generated random numbers may be predicted in some cases,. However, current RNGs used in blockchain are not sufficient enough to handle attacks. Therefore, it is necessary to improve the security of random numbers. This paper improves the random number generator and designs a secure random number generator based on blockchain (BCsRNG). In practice, an encapsulated function algorithm of the secure random number is developed with the smart contract. Moreover, an API is provided to facilitate input and output. The experimental results show that the random numbers generated by BCsRNG are difficult to decipher and have higher randomness and security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Kaya Alpturer,S. Matthew Weinberg

2024-09-30

Abstract:It is well-known that RANDAO manipulation is possible in Ethereum if an adversary controls the proposers assigned to the last slots in an epoch. We provide a methodology to compute, for any fraction $\alpha$ of stake owned by an adversary, the maximum fraction $f(\alpha)$ of rounds that a strategic adversary can propose. We further implement our methodology and compute $f(\cdot)$ for all $\alpha$. For example, we conclude that an optimal strategic participant with $5\%$ of the stake can propose a $5.048\%$ fraction of rounds, $10\%$ of the stake can propose a $10.19\%$ fraction of rounds, and $20\%$ of the stake can propose a $20.68\%$ fraction of rounds.

Computer Science and Game Theory,Cryptography and Security

Nasser Alsalami,Bingsheng Zhang

DOI: https://doi.org/10.1109/iwqos49365.2020.9213064

2020-01-01

Abstract:Public blockchains can be abused to covertly store and disseminate potentially harmful digital content which poses a serious regulatory issue. In this work, we show the severity of the problem by demonstrating that blockchains can be exploited to surreptitiously distribute arbitrary content. More specifically, all major blockchain systems use randomized cryptographic primitives, such as digital signatures and non-interactive zero-knowledge proofs; we illustrate how the uncontrolled randomness in such primitives can be maliciously manipulated to enable covert communication and hidden persistent storage. To clarify the potential risk, we design, implement and evaluate our technique against the widely-used ECDSA signature scheme, the CryptoNote's ring signature scheme, and Monero's ring confidential transactions. Importantly, the significance of the demonstrated attacks stems from their undetectability, their adverse effect on the future of decentralized blockchains, and their serious repercussions on users' privacy and crypto funds. Finally, we present a generic framework to immunize blockchains against these attacks.

Chenyang Guo,Yujie Zhou

DOI: https://doi.org/10.1142/s0218126618500950

2017-01-01

Journal of Circuits Systems and Computers

Abstract:In this paper, a new method is proposed for randomness enhancement. The approach is called the dynamic equilibrium algorithm (DEA). It is used to solve the problems existing in the true random number generator (TRNG). First, the advantages and defects of LFSR as a post-processing module are discussed. When sampling 1000 groups of data, only 517 groups can pass all 15 tests in SP800-22 with a pass rate of 0.981. DEA is actually a great solution to this problem. The essence of DEA is to guarantee the approximately uniform distribution of the overlapping template to improve the bit-entropy by the compression of the data. This method is easy to implement in both software and hardware. The pass rate increases more than 40% with a low compression rate.

Jan Wassenberg,Robert Obryk,Jyrki Alakuijala,Emmanuel Mogenet

DOI: https://doi.org/10.48550/arXiv.1810.02227

2018-10-04

Abstract:Algorithms that rely on a pseudorandom number generator often lose their performance guarantees when adversaries can predict the behavior of the generator. To protect non-cryptographic applications against such attacks, we propose 'strong' pseudorandom generators characterized by two properties: computationally indistinguishable from random and backtracking-resistant. Some existing cryptographically secure generators also meet these criteria, but they are too slow to be accepted for general-purpose use. We introduce a new open-sourced generator called 'Randen' and show that it is 'strong' in addition to outperforming Mersenne Twister, PCG, ChaCha8, ISAAC and Philox in real-world benchmarks. This is made possible by hardware acceleration. Randen is an instantiation of Reverie, a recently published robust sponge-like random generator, with a new permutation built from an improved generalized Feistel structure with 16 branches. We provide new bounds on active s-boxes for up to 24 rounds of this construction, made possible by a memory-efficient search algorithm. Replacing existing generators with Randen can protect randomized algorithms such as reservoir sampling from attack. The permutation may also be useful for wide-block ciphers and hashing functions.

Cryptography and Security,Data Structures and Algorithms

Peng Qian,Jianting He,Lingling Lu,Siwei Wu,Zhipeng Lu,Lei Wu,Yajin Zhou,Qinming He

2023-04-25

Abstract:Recent years have witnessed explosive growth in blockchain smart contract applications. As smart contracts become increasingly popular and carry trillion dollars worth of digital assets, they become more of an appealing target for attackers, who have exploited vulnerabilities in smart contracts to cause catastrophic economic losses. Notwithstanding a proliferation of work that has been developed to detect an impressive list of vulnerabilities, the bad randomness vulnerability is overlooked by many existing tools. In this paper, we make the first attempt to provide a systematic analysis of random numbers in Ethereum smart contracts, by investigating the principles behind pseudo-random number generation and organizing them into a taxonomy. We also lucubrate various attacks against bad random numbers and group them into four categories. Furthermore, we present RNVulDet - a tool that incorporates taint analysis techniques to automatically identify bad randomness vulnerabilities and detect corresponding attack transactions. To extensively verify the effectiveness of RNVulDet, we construct three new datasets: i) 34 well-known contracts that are reported to possess bad randomness vulnerabilities, ii) 214 popular contracts that have been rigorously audited before launch and are regarded as free of bad randomness vulnerabilities, and iii) a dataset consisting of 47,668 smart contracts and 49,951 suspicious transactions. We compare RNVulDet with three state-of-the-art smart contract vulnerability detectors, and our tool significantly outperforms them. Meanwhile, RNVulDet spends 2.98s per contract on average, in most cases orders-of-magnitude faster than other tools. RNVulDet successfully reveals 44,264 attack transactions. Our implementation and datasets are released, hoping to inspire others.

Software Engineering,Cryptography and Security

Bong Gon Kim,Dennis Wong,Yoon Seok Yang

DOI: https://doi.org/10.5121/csit.2023.132104

2024-02-07

Abstract:We present a secure and private blockchain-based Verifiable Random Function (VRF) scheme addressing some limitations of classical VRF constructions. Given the imminent quantum computing adversarial scenario, conventional cryptographic methods face vulnerabilities. To enhance our VRF's secure randomness, we adopt post-quantum Ring-LWE encryption for synthesizing pseudo-random sequences. Considering computational costs and resultant on-chain gas costs, we suggest a bifurcated architecture for VRF design, optimizing interactions between on-chain and off-chain. Our approach employs a secure ring signature supported by NIZK proof and a delegated key generation method, inspired by the Chaum-Pedersen equality proof and the Fiat-Shamir Heuristic. Our VRF scheme integrates multi-party computation (MPC) with blockchain-based decentralized identifiers (DID), ensuring both security and randomness. We elucidate the security and privacy aspects of our VRF scheme, analyzing temporal and spatial complexities. We also approximate the entropy of the VRF scheme and detail its implementation in a Solidity contract. Also, we delineate a method for validating the VRF's proof, matching for the contexts requiring both randomness and verification. Conclusively, using the NIST SP800-22 of the statistical randomness test suite, our results exhibit a 98.86% pass rate over 11 test cases, with an average p-value of 0.5459 from 176 total tests.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Lin Bao,Zongwei Wang,Zhizhen Yu,Yichen Fang,Yuchao Yang,Yimao Cai,Ru Huang

DOI: https://doi.org/10.1109/vlsi-tsa48913.2020.9203571

2020-01-01

Abstract:In this work, a novel random number generator with adjustable adaptability is demonstrated based on the intrinsic fluctuation of resistive random access memory (RRAM). Experimental data shows the standard deviation of resistance state has a negative dependence on compliance current (CC), thus an adaptive random number generator (ARNG) can be realized by controlling the CC in RRAM set process. Benchmarking results show that the RRAM based ARNG can achieve same performance compared with software ARNG in reinforcement learning process of zebra finch’s singing pattern.

Xinwei Gao,Jintai Ding,Lin Li,Jiqiang Liu

DOI: https://doi.org/10.1109/tc.2018.2808527

IF: 3.183

2018-01-01

IEEE Transactions on Computers

Abstract:Ring Learning With Errors (RLWE)-based key exchange is one of the most efficient and secure primitive for post-quantum cryptography. One common approach to achieve key exchange over RLWE is error reconciliation. Recently, an efficient attack against reconciliation-based RLWE key exchange protocols with reused keys was proposed. This attack can recover a long-term private key if a key pair is reused. We also know that in the real world, key reuse is commonly adopted in applications like the Transport Layer Security (TLS) protocol to improve performance. Directly motivated by this attack, we construct a new randomized RLWE-based key exchange protocol against this attack. Our lightweight approach incorporates an additional ephemeral public error term into key exchange materials, so that this attack no longer works. With the same attack, we practically show that the signal value of our protocol is indistinguishable from uniform random, therefore, this attack no longer works. We explain how the attack fails, present 200-bit classic and 80-bit quantum secure parameter choice, efficient implementations, comparisons and discussion. Benchmark shows our protocol is truly efficient and even faster than related vulnerable protocols.

Jeremie S. Kim,Minesh Patel,Hasan Hassan,Lois Orosa,Onur Mutlu

DOI: https://doi.org/10.48550/arXiv.1808.04286

2018-12-26

Abstract:We propose a new DRAM-based true random number generator (TRNG) that leverages DRAM cells as an entropy source. The key idea is to intentionally violate the DRAM access timing parameters and use the resulting errors as the source of randomness. Our technique specifically decreases the DRAM row activation latency (timing parameter tRCD) below manufacturer-recommended specifications, to induce read errors, or activation failures, that exhibit true random behavior. We then aggregate the resulting data from multiple cells to obtain a TRNG capable of providing a high throughput of random numbers at low latency. To demonstrate that our TRNG design is viable using commodity DRAM chips, we rigorously characterize the behavior of activation failures in 282 state-of-the-art LPDDR4 devices from three major DRAM manufacturers. We verify our observations using four additional DDR3 DRAM devices from the same manufacturers. Our results show that many cells in each device produce random data that remains robust over both time and temperature variation. We use our observations to develop D-RanGe, a methodology for extracting true random numbers from commodity DRAM devices with high throughput and low latency by deliberately violating the read access timing parameters. We evaluate the quality of our TRNG using the commonly-used NIST statistical test suite for randomness and find that D-RaNGe: 1) successfully passes each test, and 2) generates true random numbers with over two orders of magnitude higher throughput than the previous highest-throughput DRAM-based TRNG.

Hardware Architecture

Bo Peng,Qiqiao Wu,Zhongqiang Wang,Jianguo Yang

DOI: https://doi.org/10.3390/mi14061213

IF: 3.4

2023-06-08

Micromachines

Abstract:Resistance random access memory (RRAM) based true random number generator (TRNG) has great potential to be applied to hardware security owing to its intrinsic switching variability. Especially the high resistance state (HRS) variation is usually taken as the entropy source of RRAM-based TRNG. However, the small HRS variation of RRAM may be introduced owing to fabrication process fluctuations, which may lead to error bits and be vulnerable to noise interference. In this work, we propose an RRAM-based TRNG with a 2T1R architecture scheme, which can effectively distinguish the resistance values of HRS with an accuracy of 1.5 kΩ. As a result, the error bits can be corrected to a certain extent while the noise is suppressed. Finally, a 2T1R RRAM-based TRNG macro is simulated and verified using the 28 nm CMOS process, which suggests its potential for hardware security applications.

chemistry, analytical,nanoscience & nanotechnology,instruments & instrumentation,physics, applied

Shu-Ping Lu,Chin-Laung Lei,Meng-Han Tsai

DOI: https://doi.org/10.1016/j.comcom.2024.107975

IF: 5.047

2024-10-20

Computer Communications

Abstract:Proof-of-Authorization (PoA) consensus algorithms are widely used in permissioned blockchain networks due to their high throughput, security, and efficiency. However, PoA is susceptible to cloning attacks, where attackers copy the authenticator identity and key, thereby compromising the consensus integrity. This study proposes a novel randomized authenticator within the PoA framework to mitigate cloning attacks and solve the leader selection bottleneck. The main contributions include 1) Introducing unpredictability in leader selection through Verifiable Random Functions (VRFs) to prevent identity duplication.2) Dynamic group management using a hierarchical decentralized architecture of distributed ledgers that balances security and performance.3) Using threshold signatures to avoid a single point of failure among validators.4) Comprehensively analyzing attacks, security, randomness, and availability.5) Evaluating the effectiveness of a randomized authenticator by means of OMNET++ simulations to assess efficiency. By integrating randomness into leader selection and robust consensus design, the approach enables reliable and secure dynamic group management in decentralized networks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Anurag K S V,Raghavan G,Kanaka Raju P.

DOI: https://doi.org/10.1088/1402-4896/ad587f

2024-06-16

Physica Scripta

Abstract:Random Number Generators (RNGs) are devices whose utility spans from cryptography to gambling. Depending on the source of the random seed, RNGs are classified as Pseudo-Random Number Generators (PRNGs), which are based on mathematical algorithms, True Random Number Generators (TRNGs) sourced through seemingly random physical processes, and finally, Quantum Random Number Generators (QRNGs) which harness the intrinsic randomness of measured outcomes of quantum states. To ensure that the output of a QRNG is private and nearly uniform, the raw data undergoes a strong extraction process such as Toeplitz or Trevisan Hashing. The extraction process needs to be extremely efficient to achieve high-speed random number generation. The present work demonstrates state-of-the-art methods for performing information-theoretically provable randomness extraction using variations of the Toeplitz Hashing algorithm. These algorithms are implemented on various hardware for comprehensive analysis. Subsequently, these methods are applied to two raw data sets from a PRNG source and a quantum source. A new benchmark of 19.5 Gbps for Randomness Extraction using the Fast Fourier Transform-based Toeplitz Strong Extractor is demonstrated in this work. The implementation of the algorithm on a GPU-based system demonstrates notably enhanced speed, marking a significant leap beyond the existing state-of-the-art implementations.

physics, multidisciplinary

Hajiabadi, Mohammad,Khazaei, Shahram,Vahdani, Behzad

DOI: https://doi.org/10.1007/s00145-024-09515-4

2024-08-23

Journal of Cryptology

Abstract:It is well-known that randomness is essential for secure cryptography. The randomness used in cryptographic primitives is not necessarily recoverable even by the party who can, e.g., decrypt or recover the underlying secret/message. Several cryptographic primitives that support randomness recovery have turned out useful in various applications. In this paper, we study randomness recoverable secret sharing schemes (RR-SSS), in both information-theoretic and computational settings and provide two results. First, we show that while every access structure admits a perfect RR-SSS, there are very simple access structures (e.g., in monotone ) that do not admit efficient perfect (or even statistical) RR-SSS. Second, we show that the existence of efficient computational RR-SSS for certain access structures in monotone implies the existence of one-way functions. This stands in sharp contrast to (non-RR) SSS schemes for which no such results are known. RR-SSS plays a key role in making advanced attributed-based encryption schemes randomness recoverable, which in turn have applications in the context of designated-verifier non-interactive zero knowledge.

computer science, theory & methods,engineering, electrical & electronic,mathematics, applied

JV Roig

DOI: https://doi.org/10.48550/arXiv.1804.02904

2018-04-09

Cryptography and Security

Abstract:Generating secure random numbers is vital to the security and privacy infrastructures we rely on today. Having a computer system generate a secure random number is not a trivial problem due to the deterministic nature of computer systems. Servers commonly deal with this problem through hardware-based random number generators, which can come in the form of expansion cards, dongles, or integrated into the CPU itself. With the explosion of network- and internet-connected devices, however, the problem of cryptography is no longer a server-centric problem; even small devices need a reliable source of randomness for cryptographic operations - for example, network devices and appliances like routers, switches and access points, as well as various Internet-of-Things (IoT) devices for security and remote management. This paper proposes a software solution based on side-channel measurements as a source of high-quality entropy (nicknamed "SideRand"), that can theoretically be applied to most platforms (large servers, appliances, even maker boards like RaspberryPi or Arduino), and generates a seed for a regular CSPRNG to enable proper cryptographic operations for security and privacy. This paper also proposes two criteria - openness and auditability - as essential requirements for confidence in any random generator for cryptographic use, and discusses how SideRand meets the two criteria (and how most hardware devices do not).

Zhuo Cai

DOI: https://doi.org/10.1109/ICBC56567.2023.10174917

2023-09-20

Abstract:Many protocols in distributed computing rely on a source of randomness, usually called a random beacon, both for their applicability and security. This is especially true for proof-of-stake blockchain protocols in which the next miner or set of miners have to be chosen randomly and each party's likelihood to be selected is in proportion to their stake in the cryptocurrency. Current random beacons used in proof-of-stake protocols, such as Ouroboros and Algorand, have two fundamental limitations: Either (i)~they rely on pseudorandomness, e.g.~assuming that the output of a hash function is uniform, which is a widely-used but unproven assumption, or (ii)~they generate their randomness using a distributed protocol in which several participants are required to submit random numbers which are then used in the generation of a final random result. However, in this case, there is no guarantee that the numbers provided by the parties are uniformly random and there is no incentive for the parties to honestly generate uniform randomness. Most random beacons have both limitations. In this thesis, we provide a protocol for distributed generation of randomness. Our protocol does not rely on pseudorandomness at all. Similar to some of the previous approaches, it uses random inputs by different participants to generate a final random result. However, the crucial difference is that we provide a game-theoretic guarantee showing that it is in everyone's best interest to submit uniform random numbers. Hence, our approach is the first to incentivize honest behavior instead of just assuming it. Moreover, the approach is trustless and generates unbiased random numbers. It is also tamper-proof and no party can change the output or affect its distribution. Finally, it is designed with modularity in mind and can be easily plugged into existing distributed protocols such as proof-of-stake blockchains.

Cryptography and Security

Wen-Zhuo Zhang,Victor Kai

2023-12-09

Abstract:A proof-of-randomness (PoR) protocol is a fair and low energy-cost consensus mechanism for blockchains. Each network node of a blockchain may use a true random number generator (TRNG) and hash algorism to fulfil the PoR protocol. In this whitepaper, we give the consensus mechanism of the PoR protocol, and classify it into a new kind of randomized algorithms called Macau. The PoR protocol could generate a blockchain without any competition of computing power or stake of cryptocurrency. Besides, we give some advantages of integrating quantum random number generator (QRNG) chips into hardware wallets, and also discuss the way to cooperate with quantum key distribution (QKD) technology.

Cryptography and Security,Computer Science and Game Theory