Attacks and Defenses for Single-Stage Residue Number System PRNGs

dc.contributor.author: Vennos, Amy (en)
dc.contributor.author: George, Kiernan (en)
dc.contributor.author: Michaels, Alan J. (en)
dc.contributor.department: Hume Center for National Security and Technology (en)
dc.date.accessioned: 2021-07-09T18:27:01Z (en)
dc.date.available: 2021-07-09T18:27:01Z (en)
dc.date.issued: 2021-06-25 (en)
dc.date.updated: 2021-07-08T14:21:42Z (en)
dc.description.abstract: This paper explores the security of a single-stage residue number system (RNS) pseudorandom number generator (PRNG), which has previously been shown to provide extremely high-quality outputs when evaluated through available RNG statistical test suites or in using Shannon and single-stage Kolmogorov entropy metrics. In contrast, rather than blindly performing statistical analyses on the outputs of the single-stage RNS PRNG, this paper provides both white box and black box analyses that facilitate reverse engineering of the underlying RNS number generation algorithm to obtain the residues, or equivalently key, of the RNS algorithm. We develop and demonstrate a conditional entropy analysis that permits extraction of the key given a priori knowledge of state transitions as well as reverse engineering of the RNS PRNG algorithm and parameters (but not the key) in problems where the multiplicative RNS characteristic is too large to obtain a priori state transitions. We then discuss multiple defenses and perturbations for the RNS system that fool the original attack algorithm, including deliberate noise injection and code hopping. We present a modification to the algorithm that accounts for deliberate noise, but rapidly increases the search space and complexity. Lastly, we discuss memory requirements and time required for the attacker and defender to maintain these defenses. (en)
dc.description.version: Published version (en)
dc.format.mimetype: application/pdf (en)
dc.identifier.citation: Vennos, A.; George, K.; Michaels, A. Attacks and Defenses for Single-Stage Residue Number System PRNGs. IoT 2021, 2, 375-400. (en)
dc.identifier.doi: https://doi.org/10.3390/iot2030020 (en)
dc.identifier.uri: http://hdl.handle.net/10919/104127 (en)
dc.language.iso: en (en)
dc.publisher: MDPI (en)
dc.rights: Creative Commons Attribution 4.0 International (en)
dc.rights.uri: http://creativecommons.org/licenses/by/4.0/ (en)
dc.subject: pseudorandom number generator (PRNG) (en)
dc.subject: residue number system (RNS) (en)
dc.subject: reverse engineering (en)
dc.title: Attacks and Defenses for Single-Stage Residue Number System PRNGs (en)
dc.title.serial: IoT (en)
dc.type: Article - Refereed (en)
dc.type.dcmitype: Text (en)
dc.type.dcmitype: StillImage (en)

Files

Original bundle
Name: IoT-02-00020.pdf
Size: 3.27 MB
Format: Adobe Portable Document Format