Digitized Chaos for Pseudo-random Number Generation in Cryptography

Abstract

Random numbers play a key-role in cryptography, since they are used, e.g., to define enciphering keys or passwords [1]. Nowadays, the generation of random numbers is obtained referring to two types of devices, that are often properly combined together: True Random Number Generators (TRNGs), and Pseudo Random Number Generators (PRNGs). The former are devices that exploit truly stochastic physical phenomena [2, 3, 4, 5, 6], such as the electronic noise or the chaotic dynamics of certain nonlinear systems: for these devices the output sequences have an intrinsic degree of unpredictability, that is measured referring to the theoretical tools provided by Information Theory (e.g., in terms of the Shannon entropy) [7,4]. On the other hand, PRNGs are deterministic periodic finite state machines whose aim is to emulate, within the period, the random behavior of a truly random source of numbers. From a theoretical point of view, due to their deterministic nature, PRNGs are potentially predictable by observing their generated sequences [8, 9, 10, 1]. Nevertheless, in literature some families of PRNGs are classified to be ‘secure’, meaning that their algorithmic structure involves calculations that in average, referring to the prediction task, require an amount of computation time that is asymptotically unfeasible with the size of the problem, when referring to both the computational equipment at disposal and the known computing fastest algorithms [1,11]. It is worth noting that a given generator, even if belonging to an asymptotically secure family of PRNGs, can generate short periodic (and unsecure) sequences for several values of the initial seed. Therefore, apart from the cryptographic robustness of their algorithmic structure, a cryptographic PRNG must generate sequences that are acceptable from a statistical point of view, i.e., that pass a certain number of standard statistical tests [1, 12].