Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Entropy estimation methods and health tests for cryptographic random number generators
Download
PhD. Thesis - Melis Aslan.pdf
Date
2024-9-02
Author
Aslan, Melis
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
23
views
15
downloads
Cite This
Random numbers play a crucial role in cryptography since the security of cryptographic protocols relies on the assumption of the availability of uniformly distributed and unpredictable random numbers to generate secret keys, passwords, initialization vectors, nonces, salt, etc. True Random Number Generators (TRNGs) extract random numbers from physical processes (such as radioactive decay, thermal noise, and atmospheric noise) that are inherently unpredictable. However, real-world random number generators sometimes fail and produce outputs with low entropy, leading to security vulnerabilities. It is commonly observed that the TRNG outputs have statistical biases and dependencies that make them unsuitable to be directly used for cryptographic purposes. There are some standards and guidelines on generating and testing random numbers that are suitable for cryptographic applications. The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-90 series provide guidelines and recommendations for generating random numbers for cryptographic applications and describes statistical randomness testing, estimating min-entropy with 10 black-box entropy estimation methods. In this thesis, we evaluate the effectiveness and limitations of the SP 800-90B methods by exploring the accuracy of these estimators using simulated random numbers with known entropy, investigating the correlation between entropy estimates, and studying the impacts of deterministic transformations on the estimators. To understand the unpredictability of the outputs, it is important to estimate their entropy accurately. The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-90B specifies ten min-entropy estimators ranging from simple frequency-based estimators to more advanced approaches. Each estimator has specific assumptions, making them suitable for different types of sources. The minimum of these estimates is assumed to be the min-entropy of the TRNG. We propose a new entropy estimator (estimates min-entropy and also Shannon entropy) called index-value coincidence estimate that is suitable for outputs that might include some dependencies and we also provide some experimental results that demonstrate the effectiveness of the estimator. Additionally, TRNGs may be affected by outside conditions such as temperature, humidity, etc. Health tests are an integral part of the noise source of TRNG, defined to detect unexpected changes in the working process and dramatic changes in the amount of entropy generated by the noise source. Existing health test suites are examined, and a health test suite for cryptographic TRNGs is introduced by using random variables weight, run, runs of length 1 and overlapping templates. Some suggested parameters and experimental results are given.
Subject Keywords
random number generators
,
entropy
,
randomness
,
statistical randomness tests
,
health tests
,
correlation
URI
https://hdl.handle.net/11511/111251
Collections
Graduate School of Applied Mathematics, Thesis
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
M. Aslan, “Entropy estimation methods and health tests for cryptographic random number generators,” Ph.D. - Doctoral Program, Middle East Technical University, 2024.