NIST Randomness Tests Research Articles

Testing the randomness of shares in color visual cryptography

The concept of black-and-white visual cryptography with two truly random shares, previously applied to color images, was improved by mixing the contents of the segments of each coding image and by randomly changing a specified number of black pixels into color ones. This was done in such a way that the changes of the contents of the decoded image were as small as possible. These modifications made the numbers of color pixels in the shares close to balanced, which potentially made it possible for the shares to be truly random. The true randomness was understood as that the data pass the suitably designed randomness tests. The randomness of the shares was tested with the NIST randomness tests. Part of the tests passed successfully, while some failed. The target of coding a color image in truly random shares was approached, but not yet reached. In visual cryptography, the decoding with the unarmed human eye is of primary importance, but besides this, simple numerical processing of the decoded image makes it possible to greatly improve the quality of the reconstructed image, so that it becomes close to that of the dithered original image.

A PSEUDORANDOM NUMBER GENERATOR WITH FULL CYCLE LENGTH BASED ON AUTOMATA COMPOSITIONS

In this paper a new Pseudorandom Number Generator based on compositions of abstract automata is presented. We show that it has full cycle with length of 2^128. It is also shown that the output satisfies the statistical requirements of the NIST randomness test suite.

Beyond Statistical Analysis in Chaos-Based CSPRNG Design

The design of cryptographically secure pseudorandom number generator (CSPRNG) producing unpredictable pseudorandom sequences robustly and credibly has been a nontrivial task. Almost all the chaos-based CSPRNG design approaches invariably depend only on statistical analysis. Such schemes designed to be secure are being proven to be predictable and insecure day by day. This paper proposes a design and instantiation approach to chaos-based CSPRNG using proven generic constructions of modern cryptography. The proposed design approach with proper instantiation of such generic constructions eventually results in providing best of both worlds that is the provable security guarantees of modern cryptography and passing of necessary statistical tests as that of chaos-based schemes. Also, we introduce a new coupled map lattice based on logistic-sine map for the construction of CSPRNG. The proposed pseudorandom number generator is proven using rigorous security analysis as that of modern cryptography and tested using the standard statistical testing suites. It is observed that the generated sequences pass all stringent statistical tests such as NIST, Dieharder, ENT, and TestU01 randomness test suites.

Physical layer secret key generation using discrete wavelet packet transform

Physical layer secret key generation leveraging reciprocity principle of the wireless channel is a promising substitute for traditional cryptography. However, in certain scenarios, the channel measurements extracted by the wireless transceivers are of high correlation but not similar. Therefore, preprocessing channel measurements prior to quantization is highly essential to facilitate successful generation of shared secret keys at the transceivers. In this paper, we put forth the idea of employing discrete wavelet packet transform (DWPT) for dynamic secret key generation in indoor environments. We propose two schemes which are employed at both the transceivers. Proposed method 1 (Prop. method-1) involves fixing the wavelet packet coefficients of selected terminal nodes in the wavelet packet tree to zero and proposed method 2 (Prop. method-2) involves compression of wavelet packet coefficients of selected terminal nodes. The performance of the proposed methods are evaluated using Pearson correlation coefficient, bit disagreement rate (BDR) and NIST randomness tests. Simulation results demonstrate that, Prop. method-1 performs well in terms of cross-correlation, especially when the measurement error variance is high. In contrast to Prop. method-1, Prop. method-2 renders better randomness at the expense of slightly reduced cross-correlation whilst both methods pass all eight NIST randomness tests. The tradeoff between cross-correlation and randomness can be improved owing to the richer signal analysis offered by DWPT. The simulation results are compared against existing works for validating performance of the proposed methods. Simulation results demonstrate that, DWPT based preprocessing is a highly promising solution for successful physical layer secret key generation.

An Investigation of Secret Key Generation for Physical Layer Security Using Wavelet Packets

This work investigates the effectiveness of wavelet packets in dynamic secret key generation (DSKG) for physical layer security (PLS). Preprocessing channel coefficients before quantization is highly essential in DSKG, as noisy measurements on direct quantization produces distinct keys at the transmitter and receiver. Secret keys generated will be having high key disagreement. The performance of different wavelets namely, Daubechies, Symlet and Coiflet, of orders 3 and 5, are studied using Spearman correlation coefficient, bit disagreement rate and NIST randomness tests. NIST tests are evaluated for different bit sequence lengths and as an outcome of the experiment, the best performing wavelet is identified. Further, the proposed work is compared with an existing scheme. It is inferred that, along with maintaining higher correlation coefficient, wavelet packet based DSKG scheme ensures an enhancement in PLS.

An Integrated Silicon Photonic Chip for Continuous-Variable Quantum Random Numbers Generator Based on Vacuum Fluctuation

The deployment of quantum random number generator in fiber optics is strongly limited in real world applications due to the size of the components and their cost. Here we present a quantum random number generator based on vacuum fluctuation using an optical homodyne detection in silicon photonic chip achieving minimum entropy/bit of 8.5 for 10 bits sample. The produced random numbers have passed all NIST randomness tests.

On-chip tunable SOI interferometer for quantum random number generation based on phase diffusion in lasers

Quantum random number generators (QRNG) derive randomness from quantum mechanical processes and therefore are considered a reliable source of randomness. However large size, high cost and instability issues due to conventional bulk, fiber or free space implementations restrict widespread use into complex systems and significantly affect the scalability and reliability of such solutions. Recently there has been a huge interest in photonic integration technologies for quantum optics in order to overcome aforementioned issues. We report demonstration of a QRNG based on phase diffusion in gain switched (GS) lasers. It produces random numbers by translating random phases of GS pulses (generated at 2.5 GHz rate) into amplitude fluctuations using a packaged on-chip silicon on insulator (SOI) tunable unbalanced Mach–Zehnder interferometer (uMZI). The 400 ps delay line in uMZI has been specially designed by using the combination of multi-mode and single mode waveguides to reduce the losses. The combination of tunable loss control (balancing), low waveguide losses and shorter delay improve interference quality and increase random number generation rates to gigabit scale. The mid-way and output monitoring ports on the chip can potentially be used for health checks to improve the long-term stability and reliability of QRNG in line with NIST recommendations for entropy source. True random numbers are extracted by offline post processing of the raw data. The extracted random numbers show low correlation coefficients and passed all NIST randomness tests achieving 10 Gb/s generation rate.

Comparison of a Chaotic Cryptosystem with Other Cryptography Systems

The keyspace of a cryptography system must be long enough in order to protect it from brute force attacks. The One-Time Pad (OTP) encryption is unconditionally secure because of its truly random keystream that is used only once. This paper proposes a new chaotic symmetric cryptosystem approach, comparable to OTP. The proposed system utilizes two Lorenz generators, a main and an auxiliary, where the aim of the second one is to make one of the main Lorenz generator’s parameters to vary continually with time in a chaotic manner. This technique was built on digitizing two Lorenz chaotic models to increase the security level. The scrambling scheme was developed and the Lorenz stream cipher binary stream successfully passed the NIST randomness test. The cryptosystem showed a high degree of security, as it had a keyspace of 2576, and it was compared with existing symmetric key cryptography systems, such as DES, 3DES, AES, Blowfish, and OTP.

A data encryption model based on intertwining logistic map

A data encryption model is developed using Brownian Motion based confusion and intertwining logistic map based diffusion method. In the existing encryption models, shuffling is irrelevant for the pixels with same value i.e. (all white/black/same colour) and models are prone to differential and various statistical attacks. This article investigates random data insertion to ensure the validity of shuffling engine and result in a different cipher in each execution. It makes both differential and chosen plaintext attacks infeasible and reduces the correlation among existing image pixels. Further, an intertwining logistic map is used not only for better random number distribution but also to overcome the blank window noticed in the bifurcation diagram of logistic map. Brownian motion based confusion introduced key sensitivity in the encryption model. In last, Intertwining logistic map based diffusion model is applied so that even a single bit change affects most of the pixels in the cipher. Number of pixel change rate (NPCR) and Unified average change intensity (UACI) scores support the security enhancement of the model. Randomness is supported by the NIST randomness test. Simulation results show that the model has better security level, lossless compression, resistive against chosen and known plaintext attacks.

Random-telegraph-noise-enabled true random number generator for hardware security

The future security of Internet of Things is a key concern in the cyber-security field. One of the key issues is the ability to generate random numbers with strict power and area constrains. “True Random Number Generators” have been presented as a potential solution to this problem but improvements in output bit rate, power consumption, and design complexity must be made. In this work we present a novel and experimentally verified “True Random Number Generator” that uses exclusively conventional CMOS technology as well as offering key improvements over previous designs in complexity, output bitrate, and power consumption. It uses the inherent randomness of telegraph noise in the channel current of a single CMOS transistor as an entropy source. For the first time multi-level and abnormal telegraph noise can be utilised, which greatly reduces device selectivity and offers much greater bitrates. The design is verified using a breadboard and FPGA proof of concept circuit and passes all 15 of the NIST randomness tests without any need for post-processing of the generated bitstream. The design also shows resilience against machine learning attacks performed by the LSTM neural network.

A Smart Hardware Security Engine Combining Entropy Sources of ECG, HRV, and SRAM PUF for Authentication and Secret Key Generation

Securing personal data in wearable devices is becoming a crucial necessity as wearable devices are being deployed ubiquitously, which inadvertently exposes them to more sophisticated adversarial attacks. Although authentication systems using a single-entropy source, such as fingerprint or iris, are being used widely, successful spoofing attacks have been made, which show such systems’ vulnerability. To mitigate these issues, new biometric modalities [e.g., electrocardiogram (ECG) and photoplethysmogram (PPG)], as well as multifactor authentication/security engine designs, are being investigated. In this work, we present a new smart hardware security engine that combines three different sources of entropy, ECG, heart rate variability (HRV), and SRAM-based physical unclonable function (PUF) to perform real-time authentication and generate unique/random signatures. Such hybrid signatures vary person-to-person, device-to-device, and over time, which significantly reduces the scope of an attack and enables secure personal device authentication as well as secret random key generation. The prototype chip fabricated in 65-nm LP CMOS consumes $4.04~\mu \text{W}$ at 0.6 V for real-time authentication. Compared with ECG-only authentication, the average equal error rate of multi-source authentication is reduced by $7\times $ down to 0.2375% for a 741-subject in-house ECG database. The generalization capability of the hardware was also tested by evaluating equal error rate (EER) values using other ECG databases available online. Also, 256-bit keys generated by optimally combining ECG, HRV, and PUF values fully pass nine NIST randomness tests.

Maintaining the Integrity of Encrypted Data by Using the Improving Hash Function Based on GF 28

The issue of protecting the information from penetration has become an important issue. The system that depends on the encryption ensures the confidentiality of the information non-disclosure of sensitive information but does not ensure the integrity of data from destruction and change. In this paper, a proposed system is designed to protect the confidentiality and integrity of data from penetration, disclosure, and destruction. The proposed system based on the polynomial numbers of GF (𝟐𝟖) is achieved by improving the encryption approach using the idea of the magic square and the linear equation system also uses improving the digital signature method for ensuring that data is not changed or modified. The system has higher encryption and decryption throughput (548.924Kb /sec), (548.924 Kb /sec) and acceptable value 0.759294 of the randomness data according to the NIST randomness tests as well as a high confusion and diffusion in cipher text based on the ratio of Avalanche effect test.

A new chaotic map development through the composition of the MS Map and the Dyadic Transformation Map

In this paper, a new chaotic map is proposed, that is obtained from the composition of two chaotic maps, that is, the MS Map and the Dyadic Transformation Map. The composition process starts from the MS Map, followed by the Dyadic Transformation Map. The resulting composition is a new chaotic function. This is shown by the bifurcation diagram analysis result, Lyapunov Exponents, and the NIST randomness test. The bifurcation diagram shows that the best densities occur at λ ∈ (0.3, 5) and r = 3.8. The Lyapunov Exponents has nonnegative values for r ∈ [1, 4]. The NIST randomness test with initial value and parameters x 0 = 0.6, r = 3.8, and λ = 3.5 shows that the new chaotic map passes 14 out of 16 NIST tests.

A 1036-F2/Bit High Reliability Temperature Compensated Cross-Coupled Comparator-Based PUF

In this article, a compact physical unclonable function (PUF) based on cross-coupled comparator is presented. Featuring a positive feedback response generation mechanism, the mismatch in analog signals between the cross-coupled transistor pair is quickly amplified to prevent its polarity from flipping by the temporal noise. The rapid enlargement of noise margin by the sense amplifier also contributes to stabilizing the response against supply voltage variations. To improve its temperature stability, the counteracting effect of complementary-to-absolute-temperature (CTAT) and proportional-to-absolute-temperature (PTAT) drives are considered in sizing the bit cell transistors. The proposed design is fabricated in a standard 65-nm CMOS process. The bit cell occupies an area of only $4.38~\mu \text {m}^{2}$ (i.e., $1036~F^{2}$ ), and the overall PUF chip consumes 2.98 pJ/bit at the throughput of 8 Mb/s, of which only 1.61 pJ/bit is due to the PUF’s core. With the uniqueness measured to be 49.53%, the unpredictability of the fabricated PUF chips is validated by autocorrelation function and NIST randomness tests. Compared with the state-of-the-art implementations, the proposed PUF has the lowest native response instability of 1.46% with 500 repeated PUF readouts at 27 °C and 1.2 V. By varying the operating temperature from −50 °C to 150 °C in a step size of 10 °C and the supply voltage from 1.0 to 1.4 V in a step size of 0.1 V simultaneously, the average reliability of the proposed PUF obtained from the 2-D plot of all operating conditions is found to be 96.87% without correction and 99.31% with spatial majority voting (SMV).

The composition of the improved logistic map and the MS map in generating a new chaotic function

A new chaotic map is proposed from the composition of the improved logistic map and the MS map. The composition is done by mapping the MS map first, where the result is then mapped by the improved logistic map. The new map as the result of the composition is chaotic. This is shown by the Lyapunov Exponent analysis, bifurcation diagrams, and the NIST randomness test. The Lyapunov Exponent results with x0 = 0.1 are non-negative for r ∈ [1,4]. Its bifurcation diagrams with p ∈ (0,4) has a better density at r ∈ 2.5. The new chaotic function also passes 10 out of 16 NIST test, with initial value and parameter values x0 = 0.1, r = 2.5, and p = 2.5.

A Strong Physically Unclonable Function With >2⁸⁰ CRPs and <1.4% BER Using Passive ReRAM Technology

We experimentally demonstrate a strong physically unclonable function (PUF) circuit featuring >280 challenge-response pair (CRP) capacity, ${F }= 250$ -nm half-pitch $64\times 64$ ReRAM circuits. Passive crossbar circuits with $4{F} ^{2}$ area per crosspoint device and reduced peripheral overhead, not requiring any circuitry for programming, result in an extremely compact design, while low-power consumption is achieved by keeping ReRAM devices in the highly resistive, virgin states. The key contributions of this letter is a novel leakage injection approach using an electrically isolated portion of the crossbar array, which boosts PUF’s robustness, and a key-booking scheme, which dramatically improves reliability across a wide temperature range of operation and further increases PUF circuit density by reducing error correcting overheads. The experimental results showed near-ideal functional performance metrics, including 49.55% uniformity, 49.95% diffuseness, and 49.25% uniqueness. The measured response also passed all relevant NIST randomness tests.

Secure image encryption scheme using high efficiency word-oriented feedback shift register over finite field

Image encryption is an evolving technique in the arena of data communication. In the last decade, many encryption schemes have been suggested. Unfortunately, most of the current schemes are unable to maintain a balance between security and computational complexity. To overcome this challenge, this paper introduces a novel encryption scheme that effectively maintains the trade-off between security and computational complexity. Initially, the plain image is randomized and scrambled by the Logistic map and Arnold’s scrambling technique. The intermediate image found above, is then encrypted by the special word-oriented feedback shift register (wfsr) to get the final cipher image. Wfsr is inherently suitable for high-quality pseudorandom number generation with good statistical properties. It usually posses high throughput. Further, the elliptic curve Diffie-Hellman (ECDH) is used for sharing the keys required for encryption and decryption process. The performance of the proposed cryptosystem is evaluated based on several statistical properties of the cipher image, the resistance of the cipher image to various attacks, and time required for encryption and key sharing process. The statistical properties of the encrypted image are found out through histogram analysis, correlation and entropy finding, key sensitivity analysis, chi-square test, and NIST randomness test. The resistance of the encrypted image to various attacks is either found out experimentally or indirectly by using metrics like Unified Average Changing Intensity (UACI), Number of Pixel Changing Rate (NPCR). The proposed encryption method compares favorably with similar image encryption schemes.

Digital image encryption scheme based on generalized Mandelbrot-Julia set

With the rapid development of quantum computer, the encryption schemes in low key space are facing a huge security threat. The chaotic-based image encryption schemes use the initial values of the systems as the key, so the key spaces are often unchanged, which provide a way for the cracker to perform an exhaustive attack. This paper proposes an image encryption scheme based on generalized Mandelbrot-Julia (M-J) set. The key space of the scheme is not only large, but also dynamically changeable. To verify the feasibility of the generalized M-J set in the encryption scheme we use the simplest two rounds XOR encryption algorithm. We get the key by using environmental noise and SHA-512. The use of one-time keys not only improves the security of the algorithm, but also weakens the difficulty of transmitting many secret keys. Simulation results show that the key space of the our scheme can reach to 23250, which is far more than the most schemes. In order to verify the security of the encryption scheme, we have made corresponding security analysis for many attack methods. The results show that all the performance indexes satisfy the image encryption secure performance test standards. Finally, we tested the randomness of the generalized M-J set using the NIST randomness test software. Various analyses show that the encryption scheme is safe, and the generalized M-J set is an excellent system that can be applied in cryptography.

Key Schedule Algorithm using 3-Dimensional Hybrid Cubes for Block Cipher

A key scheduling algorithm is the mechanism that generates and schedules all session-keys for the encryption and decryption process. The key space of conventional key schedule algorithm using the 2D hybrid cubes is not enough to resist attacks and could easily be exploited. In this regard, this research proposed a new Key Schedule Algorithm based on coordinate geometry of a Hybrid Cube (KSAHC) using Triangular Coordinate Extraction (TCE) technique and 3-Dimensional (3D) rotation of Hybrid Cube surface (HCs) for the block cipher to achieve large key space that are more applicable to resist any attack on the secret key. The strength of the keys and ciphertext are tested using the Hybrid Cube Encryption Algorithm (HiSea) based on Brute Force, entropy, correlation assessment, avalanche effect and NIST randomness test suit which proves the proposed algorithm is suitable for the block cipher. The results show that the proposed KSAHC algorithm has performed better than existing algorithms and we remark that our proposed model may find potential applications in information security systems.

Key distribution based on unidirectional injection of vertical cavity surface emitting laser system

Random source is important for the security of key distribution. In this paper, a novel secure key distribution scheme based on unidirectional injection of vertical cavity surface emitting laser (VCSEL) system is proposed. In the proposed scheme, a chaotic signal without time delay signature is generated by a VCSEL subject to unidirectional optical injection, which is regarded as a master laser. The chaotic signal generated by the master VCSEL is further injected into two slave VCSELs to obtain synchronized bandwidth-enhanced chaotic signals. After that, by sampling, quantizing and XOR operation on the two synchronized chaotic signals, two key streams can be obtained. Based on the well-known spin-flip model, the time delay signature of chaotic signals generated by master VCSEL and the synchronization performance between the master VCSELs and two slave VCSELs are numerically investigated in detail. It is shown that by the unidirectional injection, the chaotic outputs can be achieved in the master VCSEL in a wide range of frequency detuning and coupling strength. More importantly, no time delay signature can be observed in the auto correlation function of the chaotic intensity time series generated by the master VCSEL. Besides, we find that high quality synchronization is achieved between the bandwidth-enhanced chaotic signals generated by two slave VCSELs under the common driving of master VCSEL. The synchronization coefficient between two slave VCSELs increases up to 0.99, and the synchronization coefficient between master VCSEL and salve VCSEL is only 0.74. Note that such a high quality synchronization between two slave VCSELs while relatively low quality synchronization between the master and slave VCSEL is conducible to ensuring the security of key distribution. In addition, the effects of tunable parameters on key bit error rate are considered, and two quantization methods are employed for comparison. Numerical simulation results show that the key bit error rate between two legitimate users is as low as 1%, and the key bit error rate between legitimate user and eavesdropper is higher than 10% in the single-threshold case; the bit error rate can even be as low as 10-6 in the double-threshold case. The influence of parameter mismatch on key bit error rate is also discussed, and it is suggested that two salve VCSELs should be finely matched to ensure low bit error rate. Finally, NIST randomness test is performed for the generated key streams. Hence, the proposed scheme enhances the security of key distribution, which is valuable for further developing the chaos communication systems.