Abstract

This paper explores the security of a single-stage residue number system (RNS) pseudorandom number generator (PRNG), which has previously been shown to provide extremely high-quality outputs when evaluated through available RNG statistical test suites or with Shannon and single-stage Kolmogorov entropy metrics. In contrast, rather than blindly performing statistical analyses on the outputs of the single-stage RNS PRNG, this paper provides both white box and black box analyses that facilitate reverse engineering of the underlying RNS number generation algorithm to obtain the residues, or equivalently the key, of the RNS algorithm. We develop and demonstrate a conditional entropy analysis that permits extraction of the key given a priori knowledge of state transitions, as well as reverse engineering of the RNS PRNG algorithm and parameters (but not the key) in problems where the multiplicative RNS characteristic is too large to obtain a priori state transitions. We then discuss multiple defenses and perturbations for the RNS system that fool the original attack algorithm, including deliberate noise injection and code hopping. We present a modification to the algorithm that accounts for deliberate noise, but rapidly increases the search space and complexity. Lastly, we discuss memory requirements and time required for the attacker and defender to maintain these defenses.

Highlights

  • The purpose of encryption is to secure information from reverse-engineering attacks, which attempt to recreate the plaintext by analyzing the ciphertext.

  • This paper focuses on the pseudorandom number generator (PRNG), a type of lightweight primitive that provides a source of randomness in applications; in particular, our primary use case is that of transmission security in wireless sensor networks, where additive noise typically corrupts an attacker’s observation of the signals. The same PRNG may be a viable compromise as a building block for some low-power cryptographic applications without the resources to employ more complex algorithms.

  • This discrete “corner-turning” approach uses joint frequencies that sufficiently reduce the search space required in the reverse-engineering process. We demonstrate these techniques through white box attacks on a toy example and Matlab simulations for an Internet of Things (IoT)-caliber residue number system (RNS) generator to gauge the improvement over brute-force attacks in Section 3.2, prior to presenting a reverse-engineering approach that permits identification of RNS parameters efficiently in black box testing for arbitrarily large RNS constructions.


Summary

Introduction

The purpose of encryption is to secure information from reverse-engineering attacks, which attempt to recreate the plaintext by analyzing the ciphertext. Every cipher has the potential to be reversed through brute force, though most applications are so large that such an attack would require too much time or resources to be worthwhile. Many attacks aim to reduce the search space of a brute-force attack. Attacks with malicious intentions remain a threat to modern-day cryptosystems, and much work is carried out to ensure that a cipher is resistant to such attacks. In 1972, the U.S. Department of Commerce initiated a program to create the Data Encryption Standard (DES) in response to the Brooks Act, which required a new set of standards for Federal government computers [1]. Many attacks on DES have been published, the most notable being in 1999 by the Electronic Frontier
