Fakultät für Informatik, Technische Universität München. Network Security: Random Numbers. Cornelius Diekmann, Lehrstuhl für Netzarchitekturen und Netzdienste, Institut für Informatik, Technische Universität München. Version: November 21, 2015. IN2101, WS 15/16, Network Security.
Figure: Random noise in your browser: Safari (top); V8 (bottom). CC-BY 2.0, Mike Malone, Betable CTO, https://medium.com/@betable/tifu-by-using-math-random-f1c308c4fd9d
- "Randomness" can be described by unpredictability
- A measure for "unpredictability" is "entropy"
- Let X be a random variable which outputs a sequence of n bits
- The Shannon information entropy is defined by:

$$H(X) = -\sum_{x} P(X = x) \log_2 P(X = x)$$

- Entropy is maximized for a uniform distribution
- I.e. every bit is equally likely
- Def.: truly random
- A key of 128 bit should have an entropy of 128
- What about the password TTTTTTTTTTTTTTTT?
- 16 8-bit characters, 128 bit. Entropy?
- If all bits are chosen uniformly at random, the entropy is 128
- Assume the attacker knows it's ASCII
- ASCII: every 8th bit is zero: entropy at most 112
- Assume the attacker knows that it consists of 16 equal characters
- All 16 characters are equal: entropy at most 7
- Assume the attacker knows the password is printable
- Entropy is about 6.66
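To make the password slide concrete, the following added example (not part of the lecture material) implements the Shannon entropy formula above and evaluates the TTTTTTTTTTTTTTTT password under each attacker model as a uniform choice among the remaining candidates; the printable-character count is assumed to be Python's string.printable (100 characters), so the last figure comes out at about 6.64 rather than the slide's 6.66.

```python
import math
import string
from collections import Counter


def shannon_entropy(probabilities):
    """H(X) = -sum_x P(X=x) * log2 P(X=x), in bits. Terms with P=0 contribute 0."""
    if abs(sum(probabilities) - 1.0) > 1e-9:
        raise ValueError("probabilities must sum to 1")
    return -sum(p * math.log2(p) for p in probabilities if p > 0)


def uniform_entropy(n_outcomes):
    """Entropy of a uniform choice among n outcomes: log2(n) bits, the maximum."""
    return math.log2(n_outcomes)


def empirical_entropy(samples):
    """Entropy of the empirical symbol distribution of an observed sequence."""
    counts = Counter(samples)
    n = len(samples)
    return shannon_entropy([c / n for c in counts.values()])


# Attacker models for the 16-character password "TTTTTTTTTTTTTTTT" from the
# slides: each maps to the number of candidate keys the attacker must still
# consider (assumed equally likely). Constructed for this example.
PASSWORD_MODELS = {
    "all 128 bits uniform": 2 ** 128,
    "16 ASCII chars (7 bits each)": (2 ** 7) ** 16,
    "16 equal ASCII chars": 2 ** 7,
    "16 equal printable chars": len(string.printable),  # 100 in Python's table
}


def password_entropy_bits(model):
    """Remaining entropy (bits) of the password under one attacker model."""
    return uniform_entropy(PASSWORD_MODELS[model])


if __name__ == "__main__":
    for model in PASSWORD_MODELS:
        print(f"{model:32s} {password_entropy_bits(model):7.2f} bits")
    # The observed bytes carry no entropy at all: one symbol with P = 1.
    print("empirical entropy of b'T'*16:", empirical_entropy(b"T" * 16))
    # A biased bit is strictly less unpredictable than a fair one.
    print("fair:", shannon_entropy([0.5, 0.5]), "biased:", shannon_entropy([0.9, 0.1]))
```

Note that a 128-bit string is only a 128-bit key if every bit is unpredictable to the attacker; the bit count is an upper bound on entropy, never a guarantee.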
- Hardware-based; physical phenomena
  - time between emission of particles during radioactive decay
  - thermal noise from a semiconductor diode or resistor
  - frequency instability of a free running oscillator
  - the amount a metal insulator semiconductor capacitor is charged during a fixed period of time
  - noise of microphone or camera
- Software-based
  - the system clock
  - elapsed time between keystrokes or mouse movement
  - buffers
  - user input
  - OS stats, e.g. network load
- Attacker must not be able to guess or influence the collected values
- Pseudo-Random Number Generator (PRNG):
  - Deterministic algorithm
  - Input: a truly random binary sequence of a given length, the seed
  - Output: a sequence of random-looking numbers