CN111541537B - Random number defect detection method and device - Google Patents

Publication number
CN111541537B
CN111541537B CN202010323924.0A CN202010323924A CN111541537B CN 111541537 B CN111541537 B CN 111541537B CN 202010323924 A CN202010323924 A CN 202010323924A CN 111541537 B CN111541537 B CN 111541537B
Authority
CN
China
Prior art keywords
random number
defect
random numbers
defect type
random
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010323924.0A
Other languages
Chinese (zh)
Other versions
CN111541537A (en)
Inventor
秦明闯
郑玉伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Douyin Vision Co Ltd
Douyin Vision Beijing Co Ltd
Original Assignee
Beijing ByteDance Network Technology Co Ltd
Application filed by Beijing ByteDance Network Technology Co Ltd
Priority to CN202010323924.0A
Publication of CN111541537A
Application granted
Publication of CN111541537B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • For Increasing The Reliability Of Semiconductor Memories (AREA)

Abstract

The present disclosure provides a method and a device for detecting random number defects, wherein when the random number defects need to be detected, a random number generator is controlled to generate a plurality of random numbers, and the plurality of random numbers are obtained; then, determining a target defect type to be detected and random number defect expression characteristics corresponding to the target defect type; then, analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers; finally, when the data characteristics of the random numbers are matched with the random number expression characteristics corresponding to the target defect type, the random number defect of the target defect type in the current environment is determined.

Description

Random number defect detection method and device
Technical Field
The present disclosure relates to the field of data processing, and in particular, to a method and an apparatus for detecting a random number defect.
Background
Random numbers are the basis of cryptography, and passwords generated on the basis of random numbers are widely applied to communication between devices of the internet of things. For example, in a device that communicates using Transport Layer Security (TLS), when the TLS protocol initiates communication, a cipher suite for the communication is first negotiated through a handshake, a symmetric encryption key is then determined in combination with a random number, and finally the server and the client communicate using that key.
If the random number used to generate the key is defective, the key can easily be cracked, falsified or forged, which seriously affects the security of the communication. A technique is therefore needed to test random numbers and determine whether they are defective.
Disclosure of Invention
In view of the above, the present disclosure at least provides a random number defect detection method and apparatus.
In a first aspect, the present disclosure provides a random number defect detection method, including:
when the defects of the random numbers need to be detected, controlling a random number generator to generate a plurality of random numbers and acquiring the plurality of random numbers;
determining a target defect type to be detected and a random number defect expression characteristic corresponding to the target defect type;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers;
and when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment.
In a possible implementation manner, the determining the target defect type to be detected and the random number defect performance characteristics corresponding to the target defect type includes:
acquiring an appointed target defect type to be detected and random number defect expression characteristics corresponding to the target defect type from at least one preset random number defect type and random number defect expression characteristics corresponding to each random number defect type;
wherein the at least one random number defect type comprises: at least one of a random number seed defect type, a random number generation defect type and a random number quality defect type;
the random number seed defect type is used for indicating that the seed used for generating the random number has a defect with poor randomness;
the random number generation defect type is used for indicating that the generated random number has defects with predictability;
the random number quality defect type is used for indicating that the generated random numbers have defects with poor randomness.
In one possible embodiment, when the target defect type includes the random number seed defect type, the controlling the random number generator to generate a plurality of random numbers, and obtaining the plurality of random numbers includes:
controlling the random number generator to execute restarting or starting operation, and acquiring a plurality of generated random numbers as a plurality of first target random numbers;
the analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers comprises:
determining a total number of the first target random numbers and a maximum number of identical first target random numbers in the first target random numbers;
and determining the data repeatability characteristics of the plurality of random numbers based on the ratio of the maximum number to the total number, and taking the data repeatability characteristics as the data characteristics of the plurality of random numbers.
In one possible embodiment, the random number seed defect types include a fixed random number seed defect type and a weak random number seed defect type;
when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment, including:
if the ratio corresponding to the data repeatability characteristics is smaller than 1, determining that the data characteristics of the random numbers are matched with the random number expression characteristics corresponding to the weak random number seed defect type, and the random number defect of the weak random number seed defect type exists in the current environment;
and if the ratio corresponding to the data repeatability characteristics is equal to 1, determining that the data characteristics of the plurality of random numbers are matched with the random number representation characteristics corresponding to the fixed random number seed defect types, and the random number defect of the fixed random number seed defect type exists in the current environment.
In one possible embodiment, when the target defect type includes the random number generation defect type, the controlling the random number generator to generate a plurality of random numbers, and acquiring the plurality of random numbers includes:
controlling the random number generator to be in communication connection with other equipment, and acquiring a plurality of random numbers generated when the random number generator and other equipment perform handshake operation as a plurality of second target random numbers;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers, including:
predicting a plurality of random numbers generated by the random number generator when the random number generator is in communication connection with other equipment and executes a handshake operation based on the plurality of second target random numbers;
acquiring a plurality of random numbers actually generated by the random number generator;
determining the predictability characteristics of the plurality of random numbers based on whether the plurality of random numbers obtained by prediction are the same as the plurality of actually generated random numbers or not, and taking the predictability characteristics as the data characteristics of the plurality of random numbers;
when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment, including:
and if the predictability characteristics indicate that the plurality of random numbers obtained by prediction are the same as the plurality of actually generated random numbers, determining that the data characteristics of the plurality of random numbers are matched with the random number representation characteristics corresponding to the random number generation defect types, and the random number defects of the random number generation defect types exist in the current environment.
In one possible embodiment, when the target defect type includes the random number quality defect type, the controlling the random number generator to generate a plurality of random numbers, and acquiring the plurality of random numbers includes:
controlling the random number generator to be in communication connection with other equipment, and acquiring a plurality of random numbers generated when the random number generator and other equipment perform handshake operation as a plurality of third target random numbers;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers, including:
determining randomness characteristics of the plurality of third target random numbers;
determining a random number quality characteristic of the plurality of third target random numbers based on the determined randomness characteristic, and taking the random number quality characteristic as a data characteristic of the plurality of random numbers;
when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment, including:
and if the random number quality characteristics indicate that the randomness of the third target random numbers is lower than a preset threshold value, determining that the data characteristics of the random numbers are matched with the random number representation characteristics corresponding to the random number quality defect types, and the random number defects of the random number quality defect types exist in the current environment.
In a second aspect, the present disclosure provides a random number defect detecting apparatus, comprising:
the random number control generation module is used for controlling the random number generator to generate a plurality of random numbers when the defects of the random numbers need to be detected, and acquiring the plurality of random numbers;
the performance characteristic determining module is used for determining the type of the target defect to be detected and the performance characteristics of the random number defect corresponding to the type of the target defect;
the data characteristic determining module is used for analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers;
and the defect determining module is used for determining that the random number defect of the target defect type exists in the current environment when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type.
In a possible implementation manner, when determining the target defect type to be detected and the random number defect performance characteristics corresponding to the target defect type, the performance characteristic determining module is configured to:
acquiring an appointed target defect type to be detected and random number defect representation characteristics corresponding to the target defect type from at least one preset random number defect type and random number defect representation characteristics corresponding to each random number defect type;
wherein the at least one random number defect type comprises: at least one of a random number seed defect type, a random number generation defect type and a random number quality defect type;
the random number seed defect type is used for indicating that the seed used for generating the random number has a defect with poor randomness;
the random number generation defect type is used for indicating that the generated random number has defects with predictability;
the random number quality defect type is used for indicating that the generated random numbers have defects with poor randomness.
In a third aspect, the present disclosure provides an electronic device, comprising: a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating over the bus when the electronic device is operating, the machine-readable instructions when executed by the processor performing the steps of the random number defect detection method as described above.
In a fourth aspect, the present disclosure also provides a computer-readable storage medium having a computer program stored thereon, where the computer program is run by a processor to perform the steps of the random number defect detection method as described above.
The above-described apparatus, electronic device, and computer-readable storage medium of the present disclosure contain at least technical features that are substantially the same as or similar to the technical features of any aspect or any implementation of any aspect of the above-described method of the present disclosure.
The method and the device for detecting the random number defects provided by the disclosure are characterized in that firstly, when the random number defects need to be detected, a random number generator is controlled to generate a plurality of random numbers, and the plurality of random numbers are obtained; then, determining a target defect type to be detected and random number defect expression characteristics corresponding to the target defect type; then, analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers; finally, when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, the random number defect of the target defect type in the current environment is determined.
Drawings
To more clearly illustrate the technical solutions of the embodiments of the present disclosure, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present disclosure and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings may be obtained from the drawings without inventive effort.
FIG. 1 illustrates a communication flow diagram of a client and a server during a TLS handshake phase;
FIG. 2 shows a schematic diagram of a client communicating with the Internet through a man-in-the-middle server;
FIG. 3 is a flow chart illustrating a random number defect detection method provided by an embodiment of the present disclosure;
FIG. 4 is a diagram illustrating a hardware connection for detecting a mobile-generated random number using a random number detection apparatus;
FIG. 5 is a schematic structural diagram illustrating a random number defect detection apparatus provided in an embodiment of the present disclosure;
FIG. 6 shows a schematic structural diagram of an electronic device provided in an embodiment of the present disclosure.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure, and it should be understood that the drawings in the present disclosure are for illustrative and descriptive purposes only and are not used to limit the scope of the present disclosure. Additionally, it should be understood that the schematic drawings are not necessarily drawn to scale. The flowcharts used in this disclosure illustrate operations implemented according to some embodiments of the present disclosure. It should be understood that the operations of the flow diagrams may be performed out of order, and steps without logical context may be performed in reverse order or simultaneously. In addition, one skilled in the art, under the direction of the present disclosure, may add one or more other operations to the flowchart, and may remove one or more operations from the flowchart.
In addition, the described embodiments are only a few embodiments of the present disclosure, not all embodiments. The components of the embodiments of the present disclosure, as generally described and illustrated in the figures herein, could be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present disclosure, presented in the figures, is not intended to limit the scope of the claimed disclosure, but is merely representative of selected embodiments of the disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the disclosure without making creative efforts, shall fall within the protection scope of the disclosure.
To enable one skilled in the art to use the present disclosure, the following embodiments are given in connection with the specific application scenario "defect detection of random numbers in devices utilizing TLS communication". It will be apparent to those skilled in the art that the general principles defined herein may be applied to other embodiments and applications requiring random number defect detection without departing from the spirit and scope of the present disclosure. Although the present disclosure is primarily described in the context of defect detection of random numbers in devices utilizing TLS communications, it should be understood that this is merely one exemplary embodiment.
It should be noted that the term "comprising" is used in the embodiments of the present disclosure to indicate the presence of the features stated hereinafter, but does not exclude the addition of further features.
In the TLS handshake phase, the random number generator of a device that communicates using TLS generates a random number; for example, the Client Hello packet generated by the client in FIG. 1 includes a random number (Random Number).
In the prior art, as shown in FIG. 2, a client connects through a proxy service to the man-in-the-middle server mitmproxy, and the man-in-the-middle server can view the complete TLS handshake information, including the random numbers exchanged between the client and the server. However, the prior art has no function for detecting defects in random numbers, so it cannot ensure that the generated random numbers are of high quality and therefore cannot ensure the security of the communication. The present disclosure provides a method and a device for detecting random number defects, wherein when the random number defects need to be detected, a random number generator is controlled to generate a plurality of random numbers, and the plurality of random numbers are obtained; then, determining a target defect type to be detected and random number defect expression characteristics corresponding to the target defect type; then, analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers; finally, when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, the random number defect of the target defect type in the current environment is determined.
The method and apparatus for detecting defects in random numbers provided by the present disclosure are described in detail by specific embodiments below.
The embodiment of the disclosure provides a random number defect detection method, which is applied to terminal equipment or a device for detecting random number defects. Specifically, as shown in fig. 3, the random number defect detection method may include the following steps:
S310, when the defect of the random number needs to be detected, controlling the random number generator to generate a plurality of random numbers and acquiring the plurality of random numbers.
Here, the random number generator may belong to the above-described device that communicates using TLS. The communication device for communicating by using TLS may be a mobile phone, an internet of things device, and the like.
In specific implementation, the random number generator may be controlled to generate a plurality of random numbers when performing operations such as restarting, booting, or communicating with other devices, performing a handshake operation, and the like. Specifically, the method includes controlling a random number generator to generate a plurality of random numbers based on a target defect type to be detected, for example, controlling the random number generator to execute a restart or startup operation when the target defect type to be detected is a random number seed defect type, and acquiring the plurality of random numbers generated by the random number generator at the moment; for another example, when the target defect type to be detected is a random number generation defect type or a random number quality defect type, the random number generator is controlled to be in communication connection with other devices, and a plurality of random numbers generated when the random number generator and the other devices perform a handshake operation are acquired.
S320, determining the type of the target defect to be detected and the random number defect expression characteristics corresponding to the target defect type.
Specifically, the specified target defect type to be detected and the random number defect representation characteristics corresponding to the target defect type may be obtained from at least one preset random number defect type and the random number defect representation characteristics corresponding to each random number defect type.
The at least one random number defect type includes: at least one of a random number seed defect type, a random number generation defect type, and a random number quality defect type. The random number seed defect type is used for indicating that the seed used for generating the random number has a defect with poor randomness; the random number generation defect type is used for indicating that the generated random number has defects with predictability; the random number quality defect type is used to indicate that there is a defect in which the generated random numbers have poor randomness.
Of course, the random number defect types do not include only three of the above examples, and may include other random number defect types, which is not limited by the present disclosure.
S330, analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers.
Here, different data characteristics of the plurality of random numbers need to be analyzed according to different target defect types, for example, when the target defect type is a random number seed defect type, data repeatability characteristics of the plurality of random numbers need to be analyzed; for another example, when the target defect type is a random number generation defect type, the predictability characteristics of a plurality of random numbers need to be analyzed; for another example, when the target defect type is a random number quality defect type, the randomness characteristics of a plurality of random numbers need to be analyzed.
S340, when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment.
In step S330, the data repeatability characteristic, the predictability characteristic and the randomness characteristic of the plurality of random numbers can be determined simultaneously by analyzing the plurality of random numbers. These characteristics are then compared with the random number expression characteristics corresponding to each preset random number defect type to determine whether the plurality of random numbers generated by the random number generator have defects corresponding to the preset random number defect types.
In some embodiments, when the target defect type is the random number seed defect type, the random number generator needs to be controlled to perform a restart or boot operation, and the plurality of generated random numbers are acquired. Here, the acquired random numbers may be used as a plurality of first target random numbers. The data repeatability characteristic is determined from the plurality of first target random numbers, and the data repeatability characteristic is then used to determine whether the plurality of first target random numbers, that is, the plurality of random numbers generated by the random number generator, have data defects corresponding to the random number seed defect type.
Specifically, the total number of the plurality of first target random numbers and the maximum number of the same first target random numbers in the plurality of first target random numbers are determined; determining a data repeatability characteristic of the plurality of random numbers based on a ratio of the maximum number to the total number, the data repeatability characteristic being a data characteristic of the plurality of random numbers; and then, when the determined data characteristics are matched with the random number expression characteristics corresponding to the random number seed defect types, determining that the random number defects of the random number seed defect types exist in the current environment.
In one embodiment, the random number seed defect types may include a fixed random number seed defect type and a weak random number seed defect type. In this case, if the ratio corresponding to the data repeatability characteristic is smaller than 1, it is determined that the data characteristics of the random numbers match the random number representation characteristics corresponding to the weak random number seed defect type, and that a random number defect of the weak random number seed defect type exists in the current environment. If the ratio corresponding to the data repeatability characteristic is equal to 1, it is determined that the data characteristics of the plurality of random numbers match the random number representation characteristics corresponding to the fixed random number seed defect type, and that the data defect corresponding to the fixed random number seed defect type exists in the current environment.
In practical applications, a startup or restart operation is not an operation that is executed many times in succession, so the defects of the random numbers generated in this way are generally of the fixed random number seed defect type or the weak random number seed defect type. Therefore, when random number defect detection is performed, the data repeatability characteristic corresponding to the fixed random number seed defect type or the weak random number seed defect type needs to be determined.
The random number seed defect type indicates that the seed used for generating random numbers has the defect of poor randomness. If the determined data repeatability characteristic indicates that some of the plurality of first target random numbers are the same, the random numbers generated by the random number generator have the weak random number seed defect, that is, the random number generator uses a weak random number seed when generating random numbers. If the determined data repeatability characteristic indicates that the plurality of first target random numbers are all the same, it is determined that the random number sequence generated by the random number generator has the fixed random number seed defect, that is, the random number generator uses a fixed random number seed when generating random numbers.
In a specific implementation, if the random number generator belongs to an Internet of Things device, the obtained random numbers may be the random numbers generated by the random number generator in the TLS handshake phase over multiple reboot or boot processes.
When determining whether the random numbers generated by the random number generator have a defect of the random number seed defect type, the random number generator may generate one random number each time it is started or restarted.
If the random number generator generates a plurality of random numbers each time it is started or restarted, whether the generated random numbers have the data defect corresponding to the random number seed defect type is determined as follows. First, the random number series generated at each of a plurality of starts or restarts is obtained. Then, for every two random number series, the maximum ratio of the same random numbers in the two series is determined. Next, the largest of the maximum ratios corresponding to all the random number series is selected and compared with a preset first threshold. If the selected maximum ratio is larger than the first threshold, it is determined that the random numbers generated by the random number generator have the data defect corresponding to the fixed random number seed defect type. Otherwise, the selected maximum ratio is compared with a preset second threshold; if it is larger than the second threshold, it is determined that the random numbers generated by the random number generator have the data defect corresponding to the weak random number seed defect type, and otherwise it is determined that they do not have the data defect corresponding to the random number seed defect type. Here, the first threshold is greater than the second threshold.
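The two seed-defect checks described above (one random number per boot, and a series per boot compared pairwise against two thresholds), as an added Python example that is not part of the patent text. The threshold values, the position-by-position reading of "ratio of the same random numbers", the "none" verdict when no value repeats, and the `sample_boot` device model are assumptions of this example.

```python
"""Seed-defect check over random numbers captured across reboots."""
import random
from collections import Counter
from itertools import combinations

# Assumed values: the text only requires that the first threshold
# be greater than the second.
FIRST_THRESHOLD = 0.9
SECOND_THRESHOLD = 0.1


def classify_single(values):
    """One random number per boot: ratio = max identical count / total."""
    if len(values) < 2:
        raise ValueError("need random numbers from at least two boots")
    max_same = Counter(values).most_common(1)[0][1]
    ratio = max_same / len(values)
    if max_same == len(values):
        return "fixed-seed", ratio   # ratio equal to 1: every boot repeats
    if max_same > 1:
        return "weak-seed", ratio    # some, but not all, boots repeat
    return "none", ratio             # assumption: no repeat means no finding


def overlap(series_a, series_b):
    """Share of positions at which two boot series hold the same value."""
    length = min(len(series_a), len(series_b))
    if length == 0:
        raise ValueError("empty random number series")
    same = sum(1 for a, b in zip(series_a, series_b) if a == b)
    return same / length


def classify_series(boots):
    """Several numbers per boot: largest pairwise overlap vs. two thresholds."""
    if len(boots) < 2:
        raise ValueError("need series from at least two boots")
    worst = max(overlap(a, b) for a, b in combinations(boots, 2))
    if worst > FIRST_THRESHOLD:
        return "fixed-seed", worst
    if worst > SECOND_THRESHOLD:
        return "weak-seed", worst
    return "none", worst


def sample_boot(seed, count=8, shared_prefix=0):
    """Constructed device model, not a real capture.

    The first `shared_prefix` values come from a constant seed (a device
    that has not gathered entropy yet); the rest depend on `seed`.
    """
    constant = random.Random(42)
    fresh = random.Random(seed)
    series = []
    for i in range(count):
        rng = constant if i < shared_prefix else fresh
        series.append(rng.getrandbits(256).to_bytes(32, "big"))
    return series


if __name__ == "__main__":
    fixed = [sample_boot(1000 + i, shared_prefix=8) for i in range(5)]
    early = [sample_boot(1000 + i, shared_prefix=2) for i in range(5)]
    healthy = [sample_boot(1000 + i) for i in range(5)]
    for name, boots in (("fixed", fixed), ("early", early), ("healthy", healthy)):
        print(name, classify_series(boots))
    small_seed_space = [sample_boot(s, count=1)[0] for s in (3, 7, 3, 9, 7, 1)]
    print("single", classify_single(small_seed_space))
```

Because the series check takes the largest overlap over all pairs, two boots that happen to share a seed are enough to report a fixed seed, so the number of boots sampled matters when interpreting the result.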
In some embodiments, when the target defect type is the random number generation defect type, the random number generator is controlled to be in communication connection with other devices, and a plurality of random numbers generated when the random number generator and other devices perform a handshake operation are acquired. Here, the acquired plurality of random numbers may be taken as a plurality of second target random numbers, the predictability characteristics may be determined using the plurality of second target random numbers, and the predictability characteristics may be used to determine whether the plurality of second target random numbers, i.e., the plurality of random numbers generated by the random number generator, have data defects corresponding to the random number generation defect types.
Specifically, on the basis of the plurality of second target random numbers, predicting a plurality of random numbers generated when the random number generator performs a handshake operation while performing communication connection with other devices; then, acquiring a plurality of random numbers actually generated by the random number generator; and finally, when the determined data characteristics are matched with the random number representation characteristics corresponding to the random number generation defect types, determining that the data defects corresponding to the random number generation defect types exist in the current environment.
When data feature matching is performed, if the predictability feature indicates that the plurality of random numbers obtained through prediction are the same as the plurality of actually generated random numbers, it is determined that the data characteristics of the plurality of random numbers match the random number representation characteristics corresponding to the random number generation defect type, and that the data defect corresponding to the random number generation defect type exists in the current environment, that is, in the random numbers generated by the random number generator.
In the above-described embodiment, the random number generator is communicatively connected to other devices, and the plurality of second target random numbers generated when the handshake operation is performed generally have a defect of random number generation, and the data attribute feature matching with the type of the defect of random number generation is a predictability feature.
In the above-described embodiment, the random numbers that the random number generator will generate are predicted using the second target random numbers that it has already generated, and the predicted random numbers are compared with the random numbers actually generated by the random number generator to determine the predictability characteristics of the random numbers generated by the random number generator. If the predicted random numbers are completely the same as the actually generated random number sequence, or a large number of them are the same, the random numbers generated by the random number generator are predictable, and it can be judged that they have a data defect of the random number generation defect type.
In particular implementations, the algorithm of Glibc may be used to predict the random numbers generated by the random number generator. If the predicted random numbers are completely the same as the actual random numbers, or a large number of the predicted random numbers are the same as the actual ones, the random number generator is a weak random number generator using Glibc.
In practical applications, the communication operation between the random number generator and other devices may be performed continuously, so that after the random number detection device receives the second target random number generated by the random number generator performing the above operation, the random number detection device may control the random number generator to perform the above handshake operation again within a preset time period, and receive the second target random number generated when the random number generator performs the above operation again. In a specific implementation, the random number detection device may Reset the connection used for the operation so that the random number generator performs the operation again and generates a second target random number. The preset time period may be a short time period, so that consecutive random numbers generated by the random number generator are obtained.
Determining the predictability characteristics of the random numbers requires a longer random number sequence, for example, a random number sequence of 31 bytes; therefore, the random number detection apparatus can control the random number generator to perform the above-mentioned handshake operation multiple times in succession.
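The predictability check described above, as an added Python example that is not part of the patent text. It assumes each captured value is one consecutive 31-bit output of glibc's default `random()` additive-feedback generator; the function names, the 0.95 decision threshold and both sample streams are constructed for this example. Each output of that generator is derived from the outputs 31 and 3 positions earlier, which is why a long consecutive capture is needed.

```python
"""Predictability check against glibc's default random() generator."""
import hashlib

MASK31 = 0x7FFFFFFF
WARMUP = 31                 # outputs needed before a prediction is possible
PREDICTABLE_ABOVE = 0.95    # assumed decision threshold for this example


def predict_next(history):
    """Candidates for the next output, given at least 31 earlier outputs.

    The generator adds two 32-bit state words and returns the sum shifted
    right by one bit, so the dropped low bits can add a carry of 1.
    """
    base = (history[-31] + history[-3]) & MASK31
    return base, (base + 1) & MASK31


def predictability(observed):
    """Return (exact fraction, fraction matching either candidate)."""
    if len(observed) <= WARMUP:
        raise ValueError("need more than 31 consecutive outputs")
    exact = within = 0
    for i in range(WARMUP, len(observed)):
        base, carried = predict_next(observed[:i])
        exact += observed[i] == base
        within += observed[i] in (base, carried)
    total = len(observed) - WARMUP
    return exact / total, within / total


def has_generation_defect(observed):
    """True when the captured outputs follow the predicted sequence."""
    return predictability(observed)[1] > PREDICTABLE_ABOVE


def glibc_random_model(seed, count):
    """Constructed sample source: model of glibc srandom(seed) + random()."""
    state = [0] * (344 + count)
    state[0] = seed or 1                      # glibc maps seed 0 to 1
    for i in range(1, 31):
        state[i] = (16807 * state[i - 1]) % 2147483647
    for i in range(31, 34):
        state[i] = state[i - 31]
    for i in range(34, 344 + count):
        state[i] = (state[i - 31] + state[i - 3]) & 0xFFFFFFFF
    return [word >> 1 for word in state[344:]]


def control_stream(count):
    """Constructed control: 31-bit values cut from SHA-256 digests."""
    values = []
    for i in range(count):
        digest = hashlib.sha256(b"constructed-control-%d" % i).digest()
        values.append(int.from_bytes(digest[:4], "big") & MASK31)
    return values


if __name__ == "__main__":
    for name, stream in (("glibc model", glibc_random_model(2020, 200)),
                         ("control", control_stream(200))):
        exact, within = predictability(stream)
        print(name, round(exact, 2), round(within, 2),
              has_generation_defect(stream))
```

Only part of the outputs match the first candidate exactly because of the dropped carry bit, which corresponds to the case in the text where a large number of predicted values, rather than all of them, are the same.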
In some embodiments, when the target defect type is the random number quality defect type, at this time, the random number generator is controlled to be in communication connection with other devices, and a plurality of random numbers generated when the random number generator performs a handshake operation with other devices are acquired. Here, the acquired plurality of random numbers may be used as a plurality of third target random numbers, the randomness characteristic may be determined using the plurality of third target random numbers, and the randomness characteristic may be used to determine whether the plurality of third target random numbers, i.e., the plurality of random numbers generated by the random number generator, have data defects corresponding to the random number quality defect types.
Specifically, determining randomness characteristics of the third target random numbers; determining a random number quality characteristic of the plurality of third target random numbers based on the determined randomness characteristic, and taking the random number quality characteristic as a data characteristic of the plurality of random numbers; and finally, when the determined data characteristics are matched with the random number expression characteristics corresponding to the random number quality defect types, determining that the data defects corresponding to the random number quality defect types exist in the current environment.
When data feature matching is performed, if the random number quality feature indicates that the randomness of the third target random numbers is lower than a preset threshold value, it is determined that the data features of the random numbers are matched with the random number performance features corresponding to the random number quality defect types, and the random number defect of the random number quality defect types exists in the current environment, that is, the random number generated by the random number generator has the data defect corresponding to the random number quality defect types.
In the above, the third target random numbers generated by the random number generator when performing the handshake operation in communication connection with other devices may further have a data defect corresponding to the random number quality defect type, and the data attribute feature matching with the random number quality defect type is a randomness feature, so in the above embodiment, when the target defect type is the random number quality defect type, the randomness features of the random numbers are determined.
In a specific implementation, the randomness characteristic of the random numbers can be obtained using an entropy checking algorithm from a standard formulated for random numbers.
In the above embodiment, since in practical applications the communication operation between the random number generator and other devices may be performed continuously, after the random number detection apparatus receives the third target random number sequence generated by the random number generator performing the above operation, the random number detection apparatus may control the random number generator to perform the above operation again within a preset time period, and receive the random number generated when the random number generator performs the above operation again. In a specific implementation, the random number detection device may Reset the connection used for the operation so that the random number generator performs the operation again. The preset time period may be a short time period.
Determining the randomness characteristics of the random numbers requires a longer random number sequence; therefore, the random number detection device can control the random number generator to perform the above operations multiple times.
When one of the above data defects of the random numbers is determined, a corresponding repair scheme can be given, for example, adopting a hardware random number seed or adopting HMAC-DRBG.
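The random number quality check described above, as an added Python example that is not part of the patent text. The text does not name the standard or the threshold; this example assumes the most-common-value min-entropy estimate from NIST SP 800-90B, a threshold of 6 bits per byte, a minimum capture size, and TLS 1.2-style 32-byte handshake randoms whose first 4 bytes are a timestamp and are excluded. The sample data is constructed.

```python
"""Quality (randomness) check over handshake randoms via min-entropy."""
import hashlib
import math
import random
from collections import Counter

MIN_ENTROPY_THRESHOLD = 6.0   # bits per byte, assumed for this example
MIN_SAMPLE_BYTES = 1024       # assumed: short captures give no verdict
Z_99 = 2.576                  # 99% confidence bound on the top frequency


def mcv_min_entropy(data):
    """Most-common-value estimate of min-entropy per byte."""
    length = len(data)
    if length < 2:
        raise ValueError("sample too short")
    p_hat = Counter(data).most_common(1)[0][1] / length
    # Upper confidence bound on the probability of the most common byte.
    p_upper = min(1.0, p_hat + Z_99 * math.sqrt(p_hat * (1 - p_hat) / (length - 1)))
    return max(0.0, -math.log2(p_upper))


def check_quality(handshake_randoms, skip_prefix=4):
    """Return (defect_found, estimated min-entropy in bits per byte).

    skip_prefix drops the leading timestamp bytes of TLS 1.2-style randoms,
    which are low-entropy by design and would skew the estimate.
    """
    sample = b"".join(value[skip_prefix:] for value in handshake_randoms)
    if len(sample) < MIN_SAMPLE_BYTES:
        raise ValueError("capture more handshakes before judging quality")
    entropy = mcv_min_entropy(sample)
    return entropy < MIN_ENTROPY_THRESHOLD, entropy


def good_randoms(count):
    """Constructed sample: 32-byte values cut from SHA-256 digests."""
    return [hashlib.sha256(b"constructed-good-%d" % i).digest()
            for i in range(count)]


def bad_randoms(count):
    """Constructed sample: every byte takes one of only 16 values."""
    rng = random.Random(7)
    return [bytes(rng.getrandbits(4) * 17 for _ in range(32))
            for _ in range(count)]


if __name__ == "__main__":
    for name, capture in (("good", good_randoms(128)), ("bad", bad_randoms(128))):
        defect, entropy = check_quality(capture)
        print(name, "defect" if defect else "ok", round(entropy, 2))
```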
In a specific implementation, as shown in fig. 4, the random number generator may belong to a mobile phone, and the mobile phone is in communication with a random number detection device, and the random number detection device is capable of receiving a random number generated by the mobile phone and performing data defect detection on a received random number sequence. The random number detection device is communicated with the cloud end, and the random number defect detection result and the random number generated by the mobile phone are sent to the cloud end. Here, the handset accesses the random number detection device through the proxy.
In the random number defect detection method of the embodiment, the random number generator can be subjected to the random number defect detection in the form of the black box under the conditions that hardware facilities are not changed and source codes and using documents of equipment are not utilized, so that the accuracy and the convenience of the random number defect detection are improved.
Corresponding to the above random number defect detection method, the embodiment of the present disclosure further provides a random number defect detection apparatus, which is applied to a terminal device or a random number detection apparatus for performing random number defect detection, and the apparatus and its modules can perform the same method steps as the random number defect detection method, and can achieve the same or similar beneficial effects, so that repeated parts are not described again.
As shown in fig. 5, the random number defect detecting apparatus provided by the present disclosure includes:
a random number control generation module 510, configured to control the random number generator to generate a plurality of random numbers when the random number defect needs to be detected, and obtain the plurality of random numbers;
an expression characteristic determining module 520, configured to determine a target defect type to be detected and a random number defect expression characteristic corresponding to the target defect type;
a data characteristic determining module 530, configured to analyze the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers;
and a defect determining module 540, configured to determine that a random number defect of the target defect type exists in the current environment when the data characteristics of the plurality of random numbers match the random number representation characteristics corresponding to the target defect type.
In some embodiments, the performance characteristic determining module 520, when determining the target defect type to be detected and the random number defect performance characteristic corresponding to the target defect type, is configured to:
acquiring an appointed target defect type to be detected and random number defect expression characteristics corresponding to the target defect type from at least one preset random number defect type and random number defect expression characteristics corresponding to each random number defect type;
wherein the at least one random number defect type comprises: at least one of a random number seed defect type, a random number generation defect type and a random number quality defect type;
the random number seed defect type is used for indicating that the seed used for generating the random number has a defect with poor randomness;
the random number generation defect type is used for indicating that the generated random number has defects with predictability;
the random number quality defect type is used for indicating that the generated random numbers have defects with poor randomness.
An embodiment of the present disclosure discloses an electronic device, as shown in fig. 6, including: a processor 601, a memory 602, and a bus 603, wherein the memory 602 stores machine-readable instructions executable by the processor 601, and when the electronic device is operated, the processor 601 and the memory 602 communicate via the bus 603.
The machine readable instructions, when executed by the processor 601, perform the following steps of the random number defect detection method:
when the defects of the random numbers need to be detected, controlling a random number generator to generate a plurality of random numbers and acquiring the plurality of random numbers;
determining a target defect type to be detected and a random number defect expression characteristic corresponding to the target defect type;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers;
and when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment.
In addition, when the processor 601 executes the machine readable instructions, the method contents in any embodiment described in the above method part can be executed, which is not described herein again.
A computer program product corresponding to the method and the apparatus provided in the embodiments of the present disclosure includes a computer readable storage medium storing a program code, where instructions included in the program code may be used to execute the method in the foregoing method embodiments, and specific implementation may refer to the method embodiments, which is not described herein again.
The foregoing descriptions of the various embodiments emphasize the differences between the embodiments; for parts that are the same or similar, the embodiments may be referred to one another, and these parts are not repeated herein for brevity.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system and the apparatus described above may refer to corresponding processes in the method embodiments, and are not described in detail in this disclosure. In the several embodiments provided in the present disclosure, it should be understood that the disclosed system, apparatus, and method may be implemented in other ways. The above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is merely a logical division, and there may be other divisions in actual implementation, and for example, a plurality of modules or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or modules through some communication interfaces, and may be in an electrical, mechanical or other form.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present disclosure may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a non-volatile computer-readable storage medium executable by a processor. Based on such understanding, the technical solution of the present disclosure may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present disclosure. And the aforementioned storage medium includes: various media capable of storing program codes, such as a U disk, a removable hard disk, a ROM, a RAM, a magnetic disk, or an optical disk.
The above are only specific embodiments of the present disclosure, but the scope of protection of the present disclosure is not limited thereto. Any change or substitution that a person skilled in the art can readily conceive within the technical scope of the present disclosure shall be covered by the scope of protection of the present disclosure. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.

Claims (8)

1. A method for random number defect detection, comprising:
when the defects of the random numbers need to be detected, controlling a random number generator to generate a plurality of random numbers and acquiring the plurality of random numbers;
determining a target defect type to be detected and a random number defect performance characteristic corresponding to the target defect type, comprising: acquiring an appointed target defect type to be detected and random number defect representation characteristics corresponding to the target defect type from at least one preset random number defect type and random number defect representation characteristics corresponding to each random number defect type;
wherein the at least one random number defect type comprises: at least one of a random number seed defect type, a random number generation defect type and a random number quality defect type;
the random number seed defect type is used for indicating that the seed used for generating the random number has a defect with poor randomness;
the random number generation defect type is used for indicating that the generated random number has defects with predictability;
the random number quality defect type is used for indicating that the generated random numbers have defects with poor randomness;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers, including: when the target defect type is the random number seed defect type, analyzing data repeatability characteristics of the random numbers; or when the target defect type is the random number generation defect type, analyzing the predictability characteristics of the plurality of random numbers; or when the target defect type is the random number quality defect type, analyzing the randomness characteristics of the plurality of random numbers;
and when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment.
2. The random number defect detection method of claim 1, wherein when the target defect type comprises the random number seed defect type, the controlling the random number generator to generate a plurality of random numbers to obtain the plurality of random numbers comprises:
controlling the random number generator to execute restarting or starting operation, and acquiring a plurality of generated random numbers as a plurality of first target random numbers;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers, including:
determining a total number of the plurality of first target random numbers and a maximum number of identical first target random numbers in the plurality of first target random numbers;
and determining the data repeatability characteristics of the plurality of random numbers based on the ratio of the maximum number to the total number, and taking the data repeatability characteristics as the data characteristics of the plurality of random numbers.
3. The random number defect detection method of claim 2, wherein the random number seed defect types include a fixed random number seed defect type and a weak random number seed defect type;
when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment, including:
if the ratio corresponding to the data repeatability characteristics is smaller than 1, determining that the data characteristics of the random numbers are matched with the random number expression characteristics corresponding to the weak random number seed defect type, and the random number defect of the weak random number seed defect type exists in the current environment;
and if the ratio corresponding to the data repeatability characteristics is equal to 1, determining that the data characteristics of the plurality of random numbers are matched with the random number representation characteristics corresponding to the fixed random number seed defect types, and the random number defect of the fixed random number seed defect type exists in the current environment.
4. The random number defect detection method of claim 1, wherein when the target defect type comprises the random number generation defect type, the controlling the random number generator to generate a plurality of random numbers to obtain the plurality of random numbers comprises:
controlling the random number generator to be in communication connection with other equipment, and acquiring a plurality of random numbers generated when the random number generator and other equipment perform handshake operation as a plurality of second target random numbers;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers, including:
predicting a plurality of random numbers generated by the random number generator when the random number generator is in communication connection with other equipment and executes a handshake operation based on the plurality of second target random numbers;
acquiring a plurality of random numbers actually generated by the random number generator;
determining the predictability characteristics of the plurality of random numbers based on whether the plurality of random numbers obtained by prediction are the same as the plurality of actually generated random numbers or not, and taking the predictability characteristics as the data characteristics of the plurality of random numbers;
when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment, including:
and if the predictability characteristics indicate that the plurality of random numbers obtained by prediction are the same as the plurality of actually generated random numbers, determining that the data characteristics of the plurality of random numbers are matched with the random number representation characteristics corresponding to the random number generation defect types, and the random number defects of the random number generation defect types exist in the current environment.
5. The random number defect detection method of claim 1, wherein when the target defect type comprises the random number quality defect type, the controlling the random number generator to generate a plurality of random numbers to obtain the plurality of random numbers comprises:
controlling the random number generator to be in communication connection with other equipment, and acquiring a plurality of random numbers generated when the random number generator and other equipment perform handshake operation as a plurality of third target random numbers;
analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers, including:
determining randomness characteristics of the plurality of third target random numbers;
determining random number quality characteristics of the third target random numbers based on the determined randomness characteristics, and taking the random number quality characteristics as data characteristics of the random numbers;
when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type, determining that the random number defect of the target defect type exists in the current environment, including:
and if the random number quality characteristics indicate that the randomness of the third target random numbers is lower than a preset threshold value, determining that the data characteristics of the random numbers are matched with the random number representation characteristics corresponding to the random number quality defect types, and the random number defects of the random number quality defect types exist in the current environment.
6. A random number defect detecting apparatus, comprising:
the random number control generation module is used for controlling the random number generator to generate a plurality of random numbers when the defects of the random numbers need to be detected, and acquiring the plurality of random numbers;
the performance characteristic determining module is used for determining the type of the target defect to be detected and the performance characteristics of the random number defect corresponding to the type of the target defect;
the data characteristic determining module is used for analyzing the plurality of random numbers based on the target defect type to obtain data characteristics of the plurality of random numbers;
the defect determining module is used for determining that the random number defect of the target defect type exists in the current environment when the data characteristics of the plurality of random numbers are matched with the random number expression characteristics corresponding to the target defect type;
the performance characteristic determination module is specifically configured to: acquiring an appointed target defect type to be detected and random number defect representation characteristics corresponding to the target defect type from at least one preset random number defect type and random number defect representation characteristics corresponding to each random number defect type;
the at least one random number defect type includes: at least one of a random number seed defect type, a random number generation defect type and a random number quality defect type;
the random number seed defect type is used for indicating that the seed used for generating the random number has a defect with poor randomness;
the random number generation defect type is used for indicating that the generated random number has defects with predictability;
the random number quality defect type is used for indicating that the generated random numbers have defects with poor randomness;
the data characteristic determination module is specifically configured to: when the target defect type is the random number seed defect type, analyzing data repeatability characteristics of the random numbers; or when the target defect type is the random number generation defect type, analyzing the predictability characteristics of the plurality of random numbers; or when the target defect type is the random number quality defect type, analyzing the randomness characteristics of the plurality of random numbers.
7. An electronic device, comprising: a processor, a storage medium and a bus, wherein the storage medium stores machine-readable instructions executable by the processor, when an electronic device runs, the processor and the storage medium communicate through the bus, and the processor executes the machine-readable instructions to execute the random number defect detection method according to any one of claims 1 to 5.
8. A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, performs the random number defect detection method according to any one of claims 1 to 5.
CN202010323924.0A 2020-04-22 2020-04-22 Random number defect detection method and device Active CN111541537B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010323924.0A CN111541537B (en) 2020-04-22 2020-04-22 Random number defect detection method and device

Publications (2)

Publication Number Publication Date
CN111541537A CN111541537A (en) 2020-08-14
CN111541537B true CN111541537B (en) 2022-11-08

Family

ID=71979452

Country Status (1)

Country Link
CN (1) CN111541537B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Patentee after: Douyin Vision Co.,Ltd.

Address before: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Patentee before: Tiktok vision (Beijing) Co.,Ltd.

Address after: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Patentee after: Tiktok vision (Beijing) Co.,Ltd.

Address before: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Patentee before: BEIJING BYTEDANCE NETWORK TECHNOLOGY Co.,Ltd.

CP01 Change in the name or title of a patent holder