跳转至

EN | ZH

密码安全 pseudo-random number generator

Introduction

The cryptographically secure pseudo-random number generator (CSPRNG), also known as the cryptographic pseudo-random number generator (CPRNG), is a special pseudo-random number generation. Device. It needs to meet some of the necessary features to be suitable for cryptographic applications.

Many aspects of cryptography require random numbers

demand

There is no doubt that the requirements for cryptographically secure pseudo-random number generators are certainly higher than for general pseudo-random number generators. In general, CSPRNG requirements can be divided into two categories.

  • Pass the statistical randomness test. CSPRNG must pass [next-bit test] (https://en.wikipedia.org/wiki/Next-bit_test), that is, knowing the first k bits of a sequence, it is impossible for an attacker to A probability greater than 50% predicts the next bit. One point mentioned here is that Yao Zhizhi proved in 1982 that if a generator can pass [next-bit test] (https://en.wikipedia.org/wiki/Next-bit_test), then it can also pass all other Polynomial time statistics test.
  • Must be able to resist strong enough attacks, such as when the initial state of the generator or the state of the runtime is known to the attacker, the attacker is still unable to obtain the generated random number before the leak state.

Categories

As far as the current situation is concerned, the design of CSPRNG can be divided into the following three categories.

  • Based on cryptographic algorithms such as ciphertext or hash values.
  • Based on math problems
  • Some special purpose designs

references


评论