
Software Random Number Generator Design And Implementation Technology Research

Posted on: 2021-01-21
Degree: Master
Type: Thesis
Country: China
Candidate: P Liu
GTID: 2428330647451581
Subject: Computer technology

Abstract/Summary:
A random number generator (RNG) is the foundation and core of modern cryptography. The random numbers generated by an RNG provide basic security for many cryptographic applications, such as cryptographic algorithms and security protocols. With the development of the mobile Internet, the Internet of Things and other technologies, the use of random numbers is expanding. Traditional hardware-based random number generators are difficult to update and costly to develop, which limits their scope of application. Therefore, a software RNG (SRNG) is usually used in computers, mobile terminals and other devices to provide random number services. In general, an SRNG collects information from external entropy sources (such as keyboard and mouse operations and disk write operations) and processes the data further in software to generate random data. At present, Linux, Android, Windows and other typical operating system platforms have their own SRNGs, providing software-based random number generation services.

This thesis takes the security design of software random number generators on operating system platforms as its starting point and focuses on two key points in SRNG design. The first is how to measure the randomness of the entropy source while the SRNG is running, and to call the post-processing module to improve the statistical characteristics of the output sequence when the entropy is insufficient. The second is how to design and implement a highly secure SRNG post-processing extension algorithm that ensures the security of the internal state and output sequence in the post-processing module. Accordingly, this thesis designs and implements a software random number generator with an entropy monitoring function (EM-SRNG). The main contributions are as follows.

(1) A high-precision time series is selected as the entropy source data. This architecture uses high-precision nanosecond time as the entropy source. Theoretical analysis and experimental results show that it has good unpredictability and a high data generation rate. Although time series have been used as entropy source data in many related studies, they have disadvantages such as a high repetition rate and continuity of the time series data caused by the frequent occurrence of entropy source events. For example, the Linux random number generator takes the occurrence time of entropy source events as entropy source data, and additional operations are needed to eliminate the correlation between time series in the future.

(2) An online entropy monitoring mechanism based on a statistical test suite is proposed, comprising two modules: online entropy estimation and entropy judgment. Based on a code-optimized C++ version of the NIST SP 800-90B statistical test suite, this thesis designs and implements an embedded online entropy estimation module. On the premise of ensuring the output quality of EM-SRNG, an entropy judgment module is designed and implemented to reduce the computational overhead caused by calling the post-processing module, thereby improving the overall performance of EM-SRNG.

(3) A highly secure post-processing module is implemented to ensure the security of the internal state in the EM-SRNG post-processing module. The post-processing module of this architecture is designed on the SM series of cipher algorithms independently developed in China. Two post-processing extension algorithms based on the SM3 and SM4 cipher algorithms are selected to improve the security of the internal state and the statistical characteristics of the output sequence.

In addition, EM-SRNG is compared with the Linux random number generator (LRNG, one of the current mainstream SRNGs). The experimental results show that, in terms of security, the SP 800-90B test finds the output quality of EM-SRNG to be equal to the data quality provided by LRNG /dev/random, but slightly better than that provided by LRNG /dev/random, with a minimum entropy of about 0.94 bit per bit; in terms of rate, the data generation rate of EM-SRNG is about 4 orders of magnitude higher than that of LRNG /dev/random, but because the 90B statistical suite is embedded in the structure for online entropy estimation, the speed of EM-SRNG is slower than that of LRNG /dev/urandom, which is about 4 Mbps.
Keywords/Search Tags: random number generator, operating system platform, nanosecond time series entropy source, online entropy monitoring, Linux random number generator
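
An illustration of the online entropy estimation and entropy judgment steps described in contribution (2), added here and not taken from the thesis: it computes the Most Common Value estimate, one of the estimators in NIST SP 800-90B, over a window of 8-bit samples and flags the window for post-processing when the estimate falls below a threshold. The function names, the 6.0 bits-per-sample threshold and the use of the low byte of a nanosecond clock reading as the sample are assumptions.

```cpp
// Added illustration; names, threshold and sampling method are assumptions.
#include <algorithm>
#include <array>
#include <chrono>
#include <cmath>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// SP 800-90B 6.3.1 Most Common Value estimate: min-entropy per 8-bit sample.
double mcv_min_entropy(const std::vector<uint8_t>& s) {
    if (s.size() < 2) return 0.0;  // too few samples to estimate anything
    std::array<std::size_t, 256> count{};
    for (uint8_t v : s) ++count[v];
    const double L = static_cast<double>(s.size());
    const double p_hat = *std::max_element(count.begin(), count.end()) / L;
    // Upper end of the 99% confidence interval on the most likely symbol.
    const double p_u = std::min(1.0, p_hat + 2.576 * std::sqrt(p_hat * (1.0 - p_hat) / (L - 1.0)));
    return -std::log2(p_u);
}

// Entropy judgment: true when the window is below the (assumed) threshold,
// meaning the caller should route this window through post-processing.
bool needs_postprocessing(const std::vector<uint8_t>& window, double min_bits_per_sample) {
    return mcv_min_entropy(window) < min_bits_per_sample;
}

// Assumed extraction: low byte of successive nanosecond clock readings.
std::vector<uint8_t> sample_clock_low_bytes(std::size_t n) {
    std::vector<uint8_t> out;
    out.reserve(n);
    for (std::size_t i = 0; i < n; ++i) {
        auto ns = std::chrono::duration_cast<std::chrono::nanoseconds>(
            std::chrono::steady_clock::now().time_since_epoch()).count();
        out.push_back(static_cast<uint8_t>(ns & 0xff));
    }
    return out;
}

int main() {
    std::vector<uint8_t> w = sample_clock_low_bytes(4096);
    double h = mcv_min_entropy(w);
    std::printf("MCV min-entropy: %.3f bits/sample, post-process: %s\n",
                h, needs_postprocessing(w, 6.0) ? "yes" : "no");
    return 0;
}
```

On its non-IID track SP 800-90B takes the minimum over all of its estimators, so the MCV figure alone is an upper bound on the assessed min-entropy.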