CN104699451A - True random number generation method - Google Patents

Publication number: CN104699451A
Authority: CN (China)
Prior art keywords: random number, program, number generation, true random, generation method
Legal status: Granted; Expired - Fee Related
Application number: CN201510143177.1A
Other languages: Chinese (zh)
Other versions: CN104699451B (en)
Inventors: 许军才, 张卫东, 任青文, 沈振中
Current Assignee: Hohai University HHU
Original Assignee: Hohai University HHU
Application filed by: Hohai University HHU
Priority to CN201510143177.1A
Publication of CN104699451A
Application granted; publication of CN104699451B

Abstract

The invention discloses a true random number generation method and belongs to the technical field of computer security. In the method, a disturbance program that uses a concurrent execution mechanism is inserted into a software program; the disturbance program runs overlapped with a pseudo-random number generation program to generate true random numbers; the disturbance program then stops running. The advantages of the method are that insertion points and insertion times can be chosen flexibly and that the true random numbers are generated by a pure software mechanism, so that the generated true random numbers are random, unpredictable and well distributed (good normal distribution property), resist replay attacks well, and offer high security.

Description

True random number generation method
Technical field
The invention discloses a true random number generation method and belongs to the technical field of computer security.
Background technology
Modern computers adopt the stored-program structure, i.e. the von Neumann architecture, which is one realization of a deterministic universal Turing machine. The most important feature of this structure is that storage and program are separated: the program is executed by the CPU and modifies stored data, thereby completing various computing tasks. A program (i.e. software) can be decomposed into individual CPU instructions, and its execution result is deterministic, which is exactly the characteristic of a deterministic Turing machine. Traditional software-only methods therefore cannot produce true random numbers; they can only produce pseudo-random numbers.
Random numbers are widely used in scientific computing, such as the Monte Carlo EGS4 method, and in computer security, such as in various cryptographic algorithms. Cryptographic algorithms in particular place very high requirements on the randomness, unpredictability and non-reproducibility of random numbers. A foreign security company once described a replay attack against a pseudo-random number generator: by analyzing the shuffling algorithm of a card game, it found that the seed of the pseudo-random number generator used by the shuffling algorithm came from the system time. If the cheating computer synchronizes its time with the game server, cracking this shuffling algorithm is very easy.
Given this situation, programs with very high security requirements mostly use hardware true random number generators, which produce true random numbers in hardware from various kinds of environmental noise, collected by hardware sensing devices for software to use. Research on hardware true random number generation concentrates mainly on generation speed and sequence uniformity; speed is the bottleneck, while uniformity can be made up for by combining outputs repeatedly in software. But hardware has a cost after all, is troublesome to implement, and places higher requirements on the environment. Recent Intel CPUs integrate a true random number generator, but this has no effect on existing older computer systems.
Summary of the invention
The technical problem to be solved by the invention is to address the deficiencies of the above background art by providing a true random number generation method that generates true random numbers through a pure software mechanism on a computer, solving the technical problems that software pseudo-random number generation is easy to break and that hardware random number generators have a speed bottleneck and high cost.
To achieve the above object, the invention adopts the following technical scheme:
A true random number generation method, comprising the following steps:
A. an interference program that uses a parallel execution mechanism is inserted into a software program;
B. after being activated, the interference program runs overlapped with the pseudo-random number generation program to generate true random numbers;
C. the interference program stops running.
As a further optimization of the true random number generation method, in step A the interference program is inserted into multiple threads.
Further, in step B the interference program is activated when a multithreading time slice arrives, and in step C the interference program exits when the time slice is used up.
As a further optimization of the true random number generation method, in step A the interference program is inserted into a system event.
Further, in step B the interference program is activated when the system event occurs, and in step C the interference program exits after running for a set duration.
Further, in the true random number generation method, the interference program is identical to the pseudo-random number generation program.
By adopting the above technical scheme, the invention has the following beneficial effects: an interference program that uses a parallel execution mechanism is inserted into a software program, insertion points and insertion times are chosen flexibly, and the pseudo-random number generation program and the interference program execute overlapped. The true random numbers generated by this pure software mechanism have randomness, unpredictability and a good normal distribution, resist replay attacks well, and offer good security.
Brief description of the drawings
Fig. 1 is a schematic diagram of true random number generation.
Embodiment
The true random number generation method of the invention, as shown in Fig. 1, comprises the following steps:
(1) Write an interference unit software program. This program can be purpose-written code, or it can directly reuse the code of the system's original pseudo-random number generator;
(2) Insert this interference unit software program into the computer software to be deployed. The interference unit can be placed in one or more independent threads, or in system events such as the system idle event or user interaction events (mouse movement and clicks, user keystrokes, etc.), where it waits for a suitable moment to run;
(3) When activated (a multithreading time slice arrives or a system event occurs), the interference unit runs and corrupts the data of the original pseudo-random number generator, then exits when the time slice is used up or after running for a specific time.
The interference unit software program is in fact compiled together with the host program, and the deployed program is the combination of the two. The interference unit and the host program share memory, so the interference unit code can modify, without blocking, the seed or result data used by the host program's pseudo-random sequence generation code (such as the rand function of C/C++ or the random function of Pascal/Delphi). If the seed data in the host program is not easy to obtain, a new pseudo-random number function can be defined directly to replace the original function for the host program to call; in short, the aim is to create conditions under which the interference unit can execute. The interference unit can run directly in threads without locking, or be activated by various random events, i.e. events that fire at unpredictable times, such as user mouse-move events, user key events and network card packet monitoring events. The methods mentioned here do not cover all system events. Those skilled in the art can extend this to more possible insertion points; the more insertion points there are, the greater the interference, and the greater the randomness and unpredictability of the generated random numbers.
The following example of a multithreaded interference unit illustrates how the data of the original pseudo-random number generator (denoted S) is corrupted.
Let the pseudo-random number generator be P, with the following code (pseudo-code):
(P1) A := S                      // read the seed data into register A
(P2) A := A * MagicNumber + 1    // arithmetic on register A, changing the value of A
(P3) S := A                      // write the value of register A back to the seed location
(P4) return A                    // the function returns the value of A
We write the following interference unit Q, with the following code (pseudo-code):
(Q1) A := S                      // read the seed data into register A
(Q2) A := A ^2 % MagicNumber     // arithmetic on register A, changing the value of A
(Q3) S := A                      // write the value of register A back to the seed location
In the single-threaded case, P1->P2->P3->P4 execute in order and the system obtains a pseudo-random number sequence. Run repeatedly from the same seed, all subsequent values are identical, so the sequence cannot be used in security-sensitive programs.
In the multithreaded case, the system can run in many ways. P1->P2->P3->P4 and Q1->Q2->Q3 may each run to completion separately, but they may also overlap, as follows (P2 and Q2 affect only the register value and do not affect the result, so each can be merged into the following step, written P23 and Q23):
(Execution sequence 1) P1->Q1->P23->Q23->P4
or
(Execution sequence 2) P1->P23->P4->Q1->Q23
or
(Execution sequence 3) Q1->Q23->P1->P23->P4
and various other permutations.
As soon as overlapping execution occurs, the result is hard to predict. The results of the 3 examples above are as follows:
(Execution sequence 1) result:
S := S ^2 % MagicNumber
Function P returns S * MagicNumber + 1
(Execution sequence 2) result:
S := (S * MagicNumber + 1) ^2 % MagicNumber
Function P returns S * MagicNumber + 1
(Execution sequence 3) result:
S := S ^2 % MagicNumber * MagicNumber + 1
Function P returns S ^2 % MagicNumber * MagicNumber + 1
In the above results, S in every right-hand-side expression is the value of S before the code runs to that point, and S on the left-hand side (left of :=) is the value of S after the code has run. As these examples show, the seed value S and the return value of P differ between execution sequences, and these combinations can recur continually to produce many further combinations, making the execution result non-deterministic.
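The three execution sequences above are a sample of the possible interleavings of one call to P with one run of Q. The following Python sketch is an added example, not part of the patent: it replays P and Q step by step, reproduces the three listed results, and enumerates every interleaving to count the distinct outcomes. The 32-bit word size, the MagicNumber value and the function names are assumptions of this example; the patent specifies none of them.

```python
from itertools import combinations

WORD = 2**32          # assumption: seed S and register A are 32 bits wide
MAGIC = 1103515245    # assumption: the patent leaves MagicNumber unspecified

def p_update(a):
    """Step P2 of generator P: A := A * MagicNumber + 1."""
    return (a * MAGIC + 1) % WORD

def q_update(a):
    """Step Q2 of interference unit Q: A := A ^2 % MagicNumber."""
    return (a * a) % MAGIC

P_STEPS = ("P1", "P2", "P3", "P4")
Q_STEPS = ("Q1", "Q2", "Q3")

# The three execution sequences listed in the text, with P23/Q23 unmerged.
PAGE_SEQUENCES = {
    1: ("P1", "Q1", "P2", "P3", "Q2", "Q3", "P4"),
    2: ("P1", "P2", "P3", "P4", "Q1", "Q2", "Q3"),
    3: ("Q1", "Q2", "Q3", "P1", "P2", "P3", "P4"),
}

def run(schedule, seed):
    """Execute one interleaving; return (final S, value returned by P)."""
    s, reg_p, reg_q, ret = seed, None, None, None
    for step in schedule:
        if step == "P1":
            reg_p = s                  # each thread has its own register A
        elif step == "P2":
            reg_p = p_update(reg_p)
        elif step == "P3":
            s = reg_p                  # unlocked write to the shared seed
        elif step == "P4":
            ret = reg_p
        elif step == "Q1":
            reg_q = s
        elif step == "Q2":
            reg_q = q_update(reg_q)
        elif step == "Q3":
            s = reg_q                  # unlocked write to the shared seed
    return s, ret

def schedules():
    """Yield every interleaving that keeps each thread's own step order."""
    n = len(P_STEPS) + len(Q_STEPS)
    for q_slots in combinations(range(n), len(Q_STEPS)):
        p_iter, q_iter = iter(P_STEPS), iter(Q_STEPS)
        yield tuple(next(q_iter) if i in q_slots else next(p_iter)
                    for i in range(n))

def outcome_stats(seed):
    """Return (interleavings, distinct (S, return) pairs, distinct returns)."""
    results = [run(sch, seed) for sch in schedules()]
    return len(results), len(set(results)), len({ret for _, ret in results})

if __name__ == "__main__":
    for number, sequence in PAGE_SEQUENCES.items():
        print("sequence", number, run(sequence, 42))
    print("interleavings, outcomes, return values:", outcome_stats(42))
```

For the constructed seed 42, the 35 interleavings collapse to 4 distinct (S, return value) pairs and 2 distinct return values, because only the order of the reads (P1, Q1) and writes (P3, Q3) of S affects the result.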
The invention does not rely on a specific software environment, can be applied widely in existing software environments, and requires very little modification to the system, so it has a broad basis for application. The interference unit is inserted into the software program and runs there, interfering with the original pseudo-random number generator and thereby bringing random factors into the random sequence that the generator produces, so that the sequence has true randomness, unpredictability, non-reproducibility and so on. Those skilled in the art can choose the insertion points and insertion times of the interference program flexibly as required, so that when it runs and how many times it runs are completely random and unpredictable. At run time the interference unit can directly modify the seed data of the original pseudo-random number generator, or run in parallel, re-entrantly, with the original pseudo-random number generator; because the data is not protected by locks, data write conflicts arise and make the result random. When the user obtains pseudo-random numbers from the pseudo-random number generator, the data has been polluted by the interference unit and so has randomness and unpredictability, which resists replay attacks well. When deploying a software system, apart from inserting the interference unit software program at certain places or times, the user changes no other calling interfaces and the original software system needs no modification, so deployment is simple and implementation is flexible.

Claims (6)

1. A true random number generation method, characterized in that it comprises the following steps:
A. an interference program that uses a parallel execution mechanism is inserted into a software program;
B. after being activated, the interference program runs overlapped with the pseudo-random number generation program to generate true random numbers;
C. the interference program stops running.
2. The true random number generation method according to claim 1, characterized in that in step A the interference program is inserted into multiple threads.
3. The true random number generation method according to claim 2, characterized in that in step B the interference program is activated when a multithreading time slice arrives, and in step C the interference program exits when the time slice is used up.
4. The true random number generation method according to claim 1, characterized in that in step A the interference program is inserted into a system event.
5. The true random number generation method according to claim 4, characterized in that in step B the interference program is activated when the system event occurs, and in step C the interference program exits after running for a set duration.
6. The true random number generation method according to any one of claims 1 to 5, characterized in that the interference program is identical to the pseudo-random number generation program.
CN201510143177.1A 2015-03-30 True random number generation method Expired - Fee Related CN104699451B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510143177.1A CN104699451B (en) 2015-03-30 True random number generation method

Publications (2)

Publication Number Publication Date
CN104699451A true CN104699451A (en) 2015-06-10
CN104699451B CN104699451B (en) 2018-02-09

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180209