Cryptographically secure random number generator
One of the critical elements of cryptography is a random number generator (RNG). Cryptographic operations require large quantities of random numbers and their quality depends greatly on the randomness of the used numbers. Using a predictable random generator can render even the best of cryptograpic condes easily breakable as has been demonstrated repeatedly in the past. Pseudo-random generators, which are prevailing in computer science, are therefore generally not sufficient for cryptography. True random generators should be used whenever possible instead. True randomness is present in nature and can be observed in quantum mechanics. We strive towards creating devices that are able to capturing such randomness and transform it to a form of true random bit sequence.
The project Cryptographically secure random number generator (CS-RNG) will first generate analysis of the state of the art in the field of RNG implementations for cryptography. Based on the findings, general recommendations and requirements for the verification methodologies of implementation correctness will be prepared, as well as specific recommendations for a cryptographically secure RNG. Also a reasonable timeline for the transition from current state of the art to safer (“post-quantum”) methods will be presented, based on the estimated likelihood of a sufficiently powerful quantum computer being built in the near future.
Second, several hardware prototypes of true random generators based on principles of quantum mechanics will be developed. The sources of randomness will be spontaneous emission in the LED, the photoexcitation in single photon avalanche diodes (SPAD), and the jitter and circuit metastability of field programmable gate arrays. From the developed modules, the most suitable technology in terms of reliability and production possibilities will be selected. A portable device will then be constructed, which will connected to a computer via standard interfaces. For the portable prototype, an accurate microscopic model of the device’s operation will be developed, to clearly evaluate the principle of operation and determine the minimum generated entropy, so that the source will be demonstrably safe. The goal for the portable device will be bus saturation when transmitting the generated numbers over a gigabit Ethernet connection.
Third, at the output of hardware random generator, embedded software will process the generated strings of random bits. Cryptographic hash functions will be implemented for processing bit-strings to ensure that in the event of entropy source failure, the device will continue generating at least pseudo-random numbers. The embedded software will also monitor the state of hardware, to verify correct operation in run-time.
Fourth, a software module will be developed for use in mobile devices that will implement cryptographically secure generation of pseudo-random numbers. For the purpose of generating randomness, the module will enable capturing entropy from the sources offered by the operating system, from the hardware of the mobile device and from the user’s actions. On hardware that allows so, entropy will be provided from quantum sources, such as a CCD sensor of the built-in camera, or other high quality physical sources, such as an accelerometer.
This project is a joint venture of three departments: F1, F5, and E6
P-Lab teamMatjaž Depolli