Cryptographically secure random number generator
Code | Science | Field | Subfield
1.02.00 | Natural sciences and mathematics | Physics |

Code | Science | Field
1.03 | Natural Sciences | Physical sciences
Cryptography, post-quantum methods, random numbers, entropy, statistical testing, microscopic models, pseudo/true/quantum randomness, unpredictability, measurement theory, single photons, shot noise, programmable logic, FPGA
Data for the last 5 years (citations for the last 10 years) on June 28, 2024; A3 for period 2018-2022
Data for ARIS tenders (04.04.2019 – Programme tender)
Database | Linked records | Citations | Pure citations | Average pure citations
WoS | 308 | 6,917 | 6,011 | 19.52
Scopus | 338 | 7,537 | 6,540 | 19.35
Researchers (7)
Organisations (1)
no. | Code | Research organisation | City | Registration number | No. of publications
1. | 0106 | Jožef Stefan Institute | Ljubljana | 5051606000 | 18
Abstract
We will analyze the state of the art in the field of cryptographically secure random number generator (CSRNG) implementations. We shall take the threats posed by quantum computers into account, especially the accelerated recovery of the internal state of a pseudo-random generator from the set of values it generates. Based on our findings, we will prepare general recommendations and requirements for CSRNGs and for methodologies that verify the correctness of their implementation, as well as specific recommendations for a CSRNG for use in the field of classified information at various levels of secrecy, with the associated methodologies for verifying implementation correctness. We will also evaluate a reasonable timeline for the transition to safer ("post-quantum") methods, based on the estimated likelihood of a sufficiently powerful quantum computer being built in the near future.

We will develop three optical demonstration prototypes that generate true (completely unpredictable) random numbers on the physical basis of quantum mechanics (quantum random number generators, QRNG). The source of randomness in the first will be spontaneous emission in an LED, in the second photoexcitation in single-photon avalanche diodes (SPAD), and in the third a combination of both. Advanced extractors will be used for processing and basic randomness checking, and the systems will be equipped with continuous checking and monitoring of the generator's condition, ensuring correct operation in real time. From the three developed modules, we will select the most suitable technology (in terms of reliability and production possibilities) and produce a portable device that connects to a computer via standard interfaces. For the portable prototype, we will create an accurate microscopic model of the device's operation, which will make it possible to evaluate the principle of operation clearly and to determine the minimum generated entropy, so that the source is demonstrably secure. We will take into account all imperfections of the real device. The device will generate at least 1 Mbit of entropy per second, and the output string will pass all standard statistical tests (NIST SP 800-90A/B/C, NIST SP 800-22 and DieHarder).

We will develop a cryptographically secure true random number generator (TRNG) in field-programmable gate array (FPGA) technology. Jitter and circuit metastability will serve as the entropy sources. We will build a scalable implementation of the sources based on Fibonacci and Galois ring oscillators, permitting migration to a large FPGA circuit. The goal for the reference implementation is bus saturation when transmitting the generated numbers over a gigabit Ethernet connection. We will evaluate the min-entropy produced by the raw entropy generator and select the generator parameters accordingly. At the output, the bit string will be processed with a cryptographic hash function, so that in the event of an entropy source failure the device continues to generate at least pseudo-random numbers. Monitoring of the generator's state will be embedded to verify correct operation at run time. Source code in the Verilog language will be made available for independent verification of the implementation.

We will develop a software module for mobile devices that implements cryptographically secure generation of pseudo-random numbers. To gather randomness, the module will capture entropy from the sources offered by the operating system, from the hardware of the mobile device and from the user's actions. We will draw on both the research within the project and the state of the art in the field. On hardware that allows it, we will obtain entropy from quantum sources, such as the CCD sensor of the built-in camera, or from other high-quality physical sources, such as an accelerometer.
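The FPGA generator's pipeline described in the abstract (a raw noise source with an assessed min-entropy, embedded run-time health monitoring, and a cryptographic hash at the output so that a failed source still yields pseudo-random rather than constant output) can be illustrated in software. The following is an added example, not the project's own code: it assumes a one-bit-per-sample noise source, uses the Repetition Count Test from NIST SP 800-90B as the health test and SHA-256 as the conditioner, and the initial chain state and both noise sources are constructed for the demonstration.

```python
import hashlib
import math
import random

def rct_cutoff(h_min: float, alpha: float = 2.0 ** -20) -> int:
    """Repetition Count Test cutoff (NIST SP 800-90B, 4.4.1): for a source with
    h_min bits of min-entropy per sample, a run of this many identical samples
    has probability below alpha, so reaching it signals a stuck source."""
    return 1 + math.ceil(-math.log2(alpha) / h_min)

class ConditionedTRNG:
    """Raw samples -> continuous health test -> SHA-256 conditioning."""

    def __init__(self, noise_source, h_min, samples_per_block, seed=b"demo-seed"):
        self.noise = noise_source                    # callable returning one raw bit
        self.cutoff = rct_cutoff(h_min)
        self.n = samples_per_block
        self.chain = hashlib.sha256(seed).digest()   # constructed initial state
        self.healthy = True                          # sticky alarm: never auto-clears
        self.last, self.run = None, 0

    def _rct(self, sample):
        if sample == self.last:
            self.run += 1
            if self.run >= self.cutoff:
                self.healthy = False
        else:
            self.last, self.run = sample, 1

    def next_block(self):
        """Return (32 output bytes, source_healthy). The chain carries state forward,
        so a stuck source degrades output to pseudo-random rather than constant."""
        raw = bytearray()
        for _ in range(self.n):
            s = self.noise()
            self._rct(s)
            raw.append(s)
        self.chain = hashlib.sha256(self.chain + bytes(raw)).digest()
        return self.chain, self.healthy

def fair_source(seed):
    """Constructed stand-in for a healthy noise source (one fair bit per call)."""
    rng = random.Random(seed)
    return lambda: rng.getrandbits(1)

def stuck_source():
    """Constructed failure mode: the noise source freezes at a constant value."""
    return lambda: 1
```

With h_min = 0.5 and alpha = 2^-20 the cutoff is 41 identical samples; a consumer must treat any block returned with the flag cleared as pseudo-random only, never as fresh entropy.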