Abstract
In the cybersecurity field, the generation of random numbers is extremely important because they are employed in different applications such as the generation/derivation of cryptographic keys, nonces, and initialization vectors. The more unpredictable the random sequence, the higher its quality and the lower the probability of recovering the value of those random numbers for an adversary. Cryptographically Secure Pseudo-Random Number Generators (CSPRNGs) are random number generators (RNGs) with specific properties and whose output sequence has such a degree of randomness that it cannot be distinguished from an ideal random sequence. In this work, we designed an all-digital RNG, which includes a Deterministic Random Bit Generator (DRBG) that meets the security requirements for cryptographic applications as CSPRNG, plus an entropy source that showed high portability and a high level of entropy. The proposed design has been intensively tested against both NIST and BSI suites to assess its entropy and randomness, and it is ready to be integrated into the European Processor Initiative (EPI) chip.
Highlights
The generation of random bits represents one of the fundamental and most significant aspects concerning cybersecurity, because they are employed to generate and/or derive cryptographic keys, one-time passwords, initialization vectors (IVs) for some cryptographic algorithms, and more in general non-repeating values
The Deterministic Random Bit Generator (DRBG) module accepts as input personalization string to further increase the degree of randomness of output sequences, according to the specifications of [9,10], and it seeds from the external: this choice was guided by the fact that the Entropy 2022, 24, 139 entropy level of seeds generated by the entropy source module is strongly dependent on the technology used for its implementation, and it was not possible to evaluate its characteristics in advance, using some statistical models
It was foreseen to permit the usage of seeds from external to improve the robustness of the random number generators (RNGs) engine and prevent the impossibility of using at least the DRBG part of the Cryptographically Secure Pseudo-Random Number Generators (CSPRNGs), in case the integrated entropy source module is not able to generate seeds featuring the required amount of entropy
Summary
The generation of random bits (or numbers) represents one of the fundamental and most significant aspects concerning cybersecurity, because they are employed to generate and/or derive cryptographic keys, one-time passwords, initialization vectors (IVs) for some cryptographic algorithms, and more in general non-repeating values (as the nonces and others). With good-quality random numbers, they indicated those sequences of bits generated unpredictably, for which the higher the unpredictability, the higher the quality (or the security strength). If the method used to produce such streams of bits was predictable, only in part, this would expose an entire system to severe security threats. It can be assumed that a cybersecurity device offers confidentiality protection of data by using a symmetric-key encryption/decryption scheme. The key employed within the encryption and decryption functions must be protected as well, because if an attacker was able to discover or to guess such a key, it would have access to the content of the communication, compromising the privacy between the entities
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
