Post on 21-Jan-2016

Validation of Pseudo Random Numbers through Graphical Analysis

Andrew Cronwright

Supervisor: Barry Irwin

Overview of this Presentation

• Randomness Defined

• PRNG’s Introduced

• Application of PRNG’s

• Focus of PRNG’s in this Project

• ISN’s Introduced

• Results

• Hardware RNG

• Conclusion

What is randomness?

• A function or process not affected by any input or state

• Independent of previous results

• Example

– Flipping an unbiased coin

– Rolling die

– Quantum effects

PRNG’s

• Mathematical function

• Deterministic by nature

• Simulates true randomness

• Produces “random” like output

• Used in many applications

Applications of PRNG’s

• PRNG’s for different applications have different needs

• Cryptography

• TCP Initial Sequence Numbers

• Physical Simulations

• Games / Gambling (Lotto)

Cryptography

• Secret key must be random

• If not random, can be easily guessed

• Made random by collecting entropy

Physical Simulations

• Monte Carlo experiments require random numbers

• Provided by PRNG

Initial Sequence Numbers

• On the creation of a TCP connection

• A unique sequence number is used

• Used to identify packets belonging to a specific connection.

Initial Sequence Numbers, the problem

• T, trusted host

• C, client

• X, nasty person

1. X can cause connections to be dropped

2. X can hijack connections and introduce malicious code

Initial Sequence Numbers, the solution

• RFC 793 proposed linear method for ISN

• New standards introduced after security issues

ISN = M + F(localhostIP + localport + remotehostIP + remoteport)

or

ISN = M + R(t)

or

ISN = R(t)

The problem

• Many computer systems need random numbers

• Provided by a PRNG

• PRNG’s can cause problems if not up to standard

Random Event Validation

• Will use graphical methods to identify randomness

• Use the NIST test suite to support findings

• Investigate Initial Sequence Numbers (ISNs)

• Build hardware RNG

A graphical view

• Method of delayed coordinates plotted in a phase space

• Convert 1-D to 3-D by:

X[n] = s[n-2] - s[n-3]

Y[n] = s[n-1] - s[n-2]

Z[n] = s[n] - s[n-1]

• Higher dimensions are possible

• Acts as a “comb”

Example

Lattice view

X[n] = s[n]

Y[n] = s[n-1]

Z[n] = s[n-2]

• This will highlight any lattice structure in the sequence

Example

Spherical view

θ[n] = 2 * PI * s[n-2]

φ[n] = PI * s[n-1]

r[n] = √( s[n] )

X[n] = r * Cos(θ) * Sin(φ)

Y[n] = r * Sin(θ) * Sin(φ)

Z[n] = r * Cos(φ)

• Very similar to above method

• Will also highlight dependencies in the data sequence

Example

Colour – A higher dimension

• Colour added using the HSV colour model

• Assign first number in sequence a colour, and pass through the spectrum assigning colours to each element

• Highlights whether sequence was created in a temporal manner

Results – Win XP

Win XP – SP1

Win XP – SP2

Cisco – IOS 12.1

Fedora Core 3

Hardware RNG

Hardware RNG - Results

Conclusion

• PRNG’s are important, and should be carefully selected for an application

• ISN’s should be implemented using a good quality PRNG

• A hardware RNG is easy to implement, and can be easily incorporated in a PC’s hardware

Conclusion cont.

• Provided a graphical method for testing random numbers

• Easier and faster than statistical testing

• Will show / identify attractors in data quickly

• Size of data set to test?
