CN117827146A - Pseudo-random number generation method and device, electronic equipment and storage medium - Google Patents

Pseudo-random number generation method and device, electronic equipment and storage medium

Publication number: CN117827146A
Authority: CN (China)
Prior art keywords: random; entropy source; source sequence; random entropy; pseudo
Legal status: Pending
Application number: CN202311605193.9A
Other languages: Chinese (zh)
Inventor: 应玉龙, 李孙长, 王磊, 韩丹, 鲍远来
Current Assignee: Postal Savings Bank of China Ltd
Original Assignee: Postal Savings Bank of China Ltd
Application filed by Postal Savings Bank of China Ltd
Priority to CN202311605193.9A
Publication of CN117827146A
Landscapes

  • Test And Diagnosis Of Digital Computers (AREA)

Abstract

The application discloses a pseudo-random number generation method and device, electronic equipment and a storage medium. The method comprises the following steps: collecting a random entropy source sequence of a computer, wherein the random entropy source sequence comprises multiple kinds of random entropy source information associated with computer hardware; performing expansion processing on the random entropy source sequence by using a national cryptographic algorithm to obtain an expanded random entropy source sequence; and generating a pseudo-random number according to the national cryptographic algorithm and the expanded random entropy source sequence. The method collects multiple kinds of hardware-related random entropy source information from the operating system, which ensures the sufficiency and randomness of the random entropy. It adopts a double-layer random number generation architecture based on the national cryptographic algorithm, with processing in an expansion stage and a generation stage of the random entropy source respectively, which ensures the security of the internal state of the pseudo-random number generator and thereby better meets the requirements of various pseudo-random number application scenarios.

Description

Pseudo-random number generation method and device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of pseudo-random number generation technologies, and in particular, to a pseudo-random number generation method and apparatus, an electronic device, and a storage medium.
Background
In today's highly developed information age, society pays increasing attention to information security, and the application of cryptographic technology receives more and more attention. Random numbers are a key element of cryptography: they provide the basic security guarantee for cryptographic technologies such as cryptographic algorithms and secure network communication, and bear on confidentiality, integrity, non-repudiation and the like in the information encryption process. The implementation technology of the random number generator is therefore of great significance for ensuring the quality of random numbers.
Random number generators are classified into two categories according to the source of randomness and the generation principle: the true random number generator (True Random Number Generator, TRNG) and the pseudo-random number generator (Pseudo-Random Number Generator, PRNG). A true random number generator collects the random components in physical signals and, based on a hardware module, generates random numbers after digital processing. True random number generators have good unpredictability, but they also have many disadvantages, such as high development cost, difficult hardware updates, and deviations in random performance caused by device aging, so their range of application is limited.
A pseudo-random number generator uses a deterministic algorithm to expand a random sequence of limited length into an output sequence of arbitrary length. Its advantages include good statistical properties of the random sequence, convenient development and implementation, low cost, and no dependence on hardware peripherals, so it has a wide range of application scenarios. However, existing pseudo-random number generators also have obvious disadvantages: 1) The entropy source data has insufficient sources of randomness. Generally, only the random number interface of the operating system is called to obtain random numbers, and the random number output interfaces of some operating systems fail to provide forward security; 2) The security of the internal state of the random number generator is insufficient. Once the internal state leaks, the output sequence risks becoming predictable; 3) The output random number sequence risks being insufficiently random. The internal state management and output processing of existing pseudo-random number generators are relatively simple, so the output binary sequence may lack randomness.
Disclosure of Invention
In order to solve at least one of the above technical problems, embodiments of the present application provide a pseudo-random number generation method, apparatus, electronic device, and storage medium, so as to improve the randomness and security of pseudo-random number generation.
The embodiments of the present application adopt the following technical solutions:
In a first aspect, an embodiment of the present application provides a pseudo-random number generation method, including:
collecting a random entropy source sequence of a computer, wherein the random entropy source sequence comprises multiple kinds of random entropy source information associated with computer hardware;
performing expansion processing on the random entropy source sequence by using a national cryptographic algorithm to obtain an expanded random entropy source sequence;
and generating a pseudo-random number according to the national cryptographic algorithm and the expanded random entropy source sequence.
Optionally, collecting the random entropy source sequence of the computer includes:
based on a preset acquisition priority and a preset acquisition byte length, collecting multiple kinds of random entropy source sequences associated with computer hardware and storing them into a temporary entropy pool;
the random entropy source sequence comprises at least one of a random entropy source sequence inside the CPU of the computer, the process number PID of the program, the thread number TID of the program, the high-precision system time of the operating system, memory address information, and the random number interface of the operating system.
Optionally, collecting the random entropy source sequence of the computer includes:
evaluating the minimum entropy of each kind of random entropy source sequence;
and screening the multiple kinds of random entropy source sequences according to the evaluation result to obtain a screened random entropy source sequence.
Optionally, before performing expansion processing on the random entropy source sequence by using a cryptographic algorithm to obtain an expanded random entropy source sequence, the method further includes:
counting the repetition times of the random entropy source information according to the random entropy source sequence;
if the repetition number is smaller than a first preset number threshold, passing a power-on health test;
otherwise, the power-on health test is not passed.
Optionally, the random entropy source sequence is stored in a temporary entropy pool, and the expanding processing is performed on the random entropy source sequence by using a cryptographic algorithm, so as to obtain an expanded random entropy source sequence, which includes:
respectively constructing a random entropy source sequence for initialization, a temporary random entropy source sequence and a first additional random entropy source sequence in an expansion stage according to a random entropy source sequence stored in a temporary entropy pool, wherein the random entropy source sequence for initialization, the temporary random entropy source sequence and the first additional random entropy source sequence are constructed based on different random entropy source information;
according to the random entropy source sequence stored in the temporary entropy pool and the random entropy source sequence for initialization of the expansion phase, performing initialization processing of the expansion phase by utilizing the cryptographic algorithm, and filling a fixed entropy pool of the expansion phase, wherein the fixed entropy pool comprises a first cache area and a second cache area;
according to the filled first buffer area and second buffer area, the temporary random entropy source sequence and the first additional random entropy source sequence, the cryptographic algorithm is utilized to perform the reseeding treatment of the expansion stage, and the first buffer area and the second buffer area of the expansion stage are updated;
and according to the updated first buffer area, the second buffer area and the first additional random entropy source sequence, performing output processing of an expansion stage by utilizing the cryptographic algorithm, outputting the expanded random entropy source sequence and updating the first buffer area of the expansion stage.
Optionally, the method further comprises:
counting the repetition number of the read random entropy source information when the random entropy source information is read from the temporary entropy pool each time, and counting the repetition number of the expanded random entropy source information when the expanded random entropy source sequence is output each time;
if the repetition number is smaller than a second preset number threshold, passing the continuous health test;
otherwise, the continuous health test is not passed.
Optionally, the random entropy source sequence is stored in a temporary entropy pool, and the generating a pseudo random number according to the cryptographic algorithm and the extended random entropy source sequence includes:
constructing a second additional random entropy source sequence of the generation stage according to the random entropy source sequence stored in the temporary entropy pool;
according to the expanded random entropy source sequence, initializing a generation stage by utilizing the cryptographic algorithm, and filling a first buffer area and a second buffer area of the generation stage;
according to the filled first buffer area and second buffer area, the second additional random entropy source sequence and the expanded random entropy source sequence, the cryptographic algorithm is utilized to perform reseeding treatment in the generation stage, and the first buffer area and the second buffer area in the generation stage are updated;
and according to the updated first buffer area, the updated second buffer area and the second additional random entropy source sequence, performing output processing of the generation stage by utilizing the cryptographic algorithm, outputting a final pseudo-random number and updating the first buffer area of the generation stage.
Optionally, after generating a pseudo random number according to the cryptographic algorithm and the extended random entropy source sequence, the method further comprises:
performing periodic health testing on the pseudo random number;
outputting the pseudo random number if the periodic health test is passed;
otherwise, the pseudo-random number is regenerated.
In a second aspect, an embodiment of the present application further provides a pseudo random number generating apparatus, including:
an acquisition unit, configured to collect a random entropy source sequence of a computer, wherein the random entropy source sequence comprises multiple kinds of random entropy source information associated with computer hardware;
an expansion unit, configured to perform expansion processing on the random entropy source sequence by using a cryptographic algorithm to obtain an expanded random entropy source sequence;
and a generation unit, configured to generate a pseudo-random number according to the cryptographic algorithm and the expanded random entropy source sequence.
In a third aspect, embodiments of the present application further provide an electronic device, including:
a processor and a memory arranged to store computer executable instructions which, when executed, cause the processor to perform any of the methods described above.
In a fourth aspect, embodiments of the present application also provide a computer-readable storage medium storing one or more programs that, when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform any of the methods described above.
At least one of the technical solutions adopted by the embodiments of the present application can achieve the following beneficial effects: the pseudo-random number generation method first collects a random entropy source sequence of a computer, wherein the random entropy source sequence comprises multiple kinds of random entropy source information associated with computer hardware; it then performs expansion processing on the random entropy source sequence by using a national cryptographic algorithm to obtain an expanded random entropy source sequence; and it finally generates a pseudo-random number according to the national cryptographic algorithm and the expanded random entropy source sequence. The method collects multiple kinds of hardware-related random entropy source information from the operating system, which ensures the sufficiency and randomness of the random entropy. It adopts a double-layer random number generation architecture based on the national cryptographic algorithm, with processing in an expansion stage and a generation stage of the random entropy source respectively, which ensures the security of the internal state of the pseudo-random number generator and thereby better meets the requirements of various pseudo-random number application scenarios.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute an undue limitation to the application. In the drawings:
FIG. 1 is a schematic diagram of a pseudo-random number generation flow in the prior art;
FIG. 2 is a flow chart of a pseudo-random number generation method according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a pseudo-random number generation flow in an embodiment of the present application;
FIG. 4 is a schematic diagram of a pseudo-random number generating device according to an embodiment of the present application;
FIG. 5 is a schematic structural diagram of an electronic device in an embodiment of the present application.
Detailed Description
To make the purposes, technical solutions and advantages of the present application clearer, the technical solutions of the present application are described clearly and completely below with reference to specific embodiments of the present application and the corresponding drawings. The described embodiments are only some, not all, of the embodiments of the present application. All other embodiments obtained by one of ordinary skill in the art from the present disclosure without creative effort fall within the scope of the present disclosure.
The following describes in detail the technical solutions provided by the embodiments of the present application with reference to the accompanying drawings.
FIG. 1 shows a schematic flow chart of pseudo-random number generation in the prior art. An existing pseudo-random number generator generally only calls the random number interface of the operating system to obtain random numbers, or uses a small number of operating system interfaces containing random entropy source information as its entropy sources. Its random number processing algorithm generally adopts a simple symmetric encryption algorithm, and the generator uses only a single-layer simple expansion structure. During normal operation it implements only self-tests that simply check the state information of each internal flow, and does not fully implement real-time health detection of the random entropy sources and the random number output sequence. The specific aspects are as follows:
1) The entropy source data has insufficient sources of randomness. The generator relies mainly on the random number interface of the operating system and uses very little random entropy information from other hardware, and the random number output interfaces of some operating systems have security defects; real-time health testing of the random entropy sources is not fully implemented. As a result, existing pseudo-random number generators generally face the risk of insufficient entropy source randomness.
2) The security of the internal state of the random number generator is insufficient. An existing pseudo-random number generator implements self-testing merely by checking the state information of its internal flow, and generally uses a symmetric cryptographic algorithm in a framework with only one level of expansion processing. This may allow an attacker to recover the internal state information from the output sequence, and once the internal state of the random number generator leaks, the output sequence risks becoming predictable.
3) The output random number sequence risks being insufficiently random. The output processing flow of existing pseudo-random number generators uses simple symmetric-algorithm encryption and performs no real-time health detection on the random number output sequence, so the output binary sequence may lack randomness.
In order to solve at least one of the above technical problems, an embodiment of the present application provides a pseudo-random number generation method. FIG. 2 shows a flowchart of the pseudo-random number generation method in the embodiment of the present application; the method includes at least the following steps S110 to S130:
Step S110: collect a random entropy source sequence of a computer, wherein the random entropy source sequence comprises multiple kinds of random entropy source information associated with computer hardware.
When generating a pseudo-random number, entropy source information must be collected first. The entropy source is the origin of randomness, so it is the basis for the unpredictability of the random number generator and also the basis for its security. The randomness of the embodiment of the present application depends on the entropy sources of the computer, so multiple kinds of information related to computer hardware can be used, for example a hardware random sequence inside the CPU of the computer, the process number PID of the program, the thread number TID of the program, the high-precision time of the system, random memory address information and the like, which ensures that the entropy source data has sufficient sources of randomness.
Step S120: perform expansion processing on the random entropy source sequence by using a cryptographic algorithm to obtain an expanded random entropy source sequence.
After the various random entropy source sequences are collected, they need to be expanded by using a cryptographic algorithm. The cryptographic algorithm may be the SM3 hash algorithm, and the random entropy source sequence is expanded based on the principle of the SM3 hash algorithm, which further ensures the sufficiency of the hardware-related entropy source information and improves its randomness.
Step S130: generate a pseudo-random number according to the cryptographic algorithm and the expanded random entropy source sequence.
After the expanded random entropy source sequence is obtained, every stage inside the pseudo-random number generator can be implemented based on the cryptographic algorithm, so that the final pseudo-random number is output.
The pseudo-random number generation method of the embodiment of the present application collects multiple kinds of hardware-related random entropy source information from the operating system, which ensures the sufficiency and randomness of the random entropy. It adopts a double-layer random number generation architecture based on the national cryptographic algorithm, with processing in an expansion stage and a generation stage of the random entropy source respectively, which ensures the security of the internal state of the pseudo-random number generator and thereby better meets the requirements of various pseudo-random number application scenarios.
In some embodiments of the present application, collecting the random entropy source sequence of the computer comprises: based on a preset acquisition priority and a preset acquisition byte length, collecting multiple kinds of random entropy source sequences associated with computer hardware and storing them into a temporary entropy pool; the random entropy source sequence comprises at least one of a random entropy source sequence inside the CPU of the computer, the process number PID of the program, the thread number TID of the program, the high-precision system time of the operating system, memory address information, and the random number interface of the operating system.
The sources of the random entropy source sequence in the embodiment of the present application mainly comprise a random entropy source sequence inside the CPU of the computer, the process number PID of the program, the thread number TID of the program, the high-precision system time of the operating system, memory address information, the random number interface of the operating system and the like.
Different entropy source information has different degrees of randomness. For example, a computer CPU usually contains a hardware random number chip, whose true randomness is stronger because it is based on the physical properties of the hardware, so it is more secure than software random information. Different entropy source information is also generated at different frequencies: for example, the process number PID and the thread number TID of the program are generated relatively infrequently, while the random entropy source sequence inside the computer CPU is generated relatively frequently. In addition, considering the pseudo-random number generation requirements of the actual scenario, the byte length collected from each kind of random entropy source information needs to be determined; for example, if a user needs to generate random numbers 32 bytes long, the byte length collected from each kind of random entropy source information needs to be set accordingly. Based on the above, the embodiment of the present application can collect the random entropy source sequence according to a certain acquisition priority and acquisition byte length.
For example, embodiments of the present application may collect random entropy source information of a certain byte length in the following priority order:
1) Random entropy source sequence inside the computer CPU: the following interfaces may each be tried to obtain random entropy source information inside the CPU: crypto_rdrand_multiple8_buf or openssl_ia32_rdrand_bytes.
2) Process number PID of the program: the operating system interface for obtaining the process number, GetCurrentProcessId, is called to obtain the system-unique identifier of the current process, yielding a 4-byte random sequence each time. The sequence is based on the random allocation of process stacks by the computer system, and the source of its random entropy involves physical factors such as the memory model, the physical size of the memory, and the interaction of user operations and computation, so it has great randomness.
3) Thread number TID of the program: the operating system interface for obtaining the thread number, GetCurrentThreadId, is called to obtain the system-unique identifier of the current thread, yielding a 4-byte random sequence each time. The sequence is based on the random allocation of thread stacks by the computer system, and the source of its random entropy involves physical factors such as the register model, the physical size of the registers, and the interaction of user operations and computation, so it has great randomness.
4) High-precision system time of the operating system: the operating system interface for obtaining high-precision nanosecond system time, GetSystemTimeAsFileTime, is called. Each call can return 8 bytes, of which the last 2 bits are taken as entropy source information, mainly because hardware effects make the last 2 bits fluctuate the most; 4 consecutive acquisitions are performed each time. The computer contains a battery-driven hardware clock, and the operating system must interact with the hardware clock module to obtain the system time, communicating with it through a driver running in the kernel space of the operating system. When a software program calls the interface for obtaining high-precision system time, the operating system converts the call into the corresponding system instructions, and these instructions carry an uncertain timing error in the three stages of fetch, decode and execute. The source of the error involves physical factors such as the CPU model, the hardware clock period, temperature and voltage, and has good unpredictability.
5) Memory address information: the memory address of a certain local variable in the current program code is obtained directly and used as an 8-byte entropy source. In the operating system, a program acquires memory space randomly at run time; its memory space is expanded and contracted randomly according to user operations and the program's running needs, and memory is randomly subdivided, merged and moved. A given local variable exists only within a small code segment and is only temporarily allocated a small piece of memory, which is released when the code segment finishes executing, and this frequently triggers memory subdivision, splitting, merging and moving operations. Therefore, the memory address information of the local variable involves physical factors such as the memory model, the physical size of the memory, and the interaction of user operations and computation, and has great randomness.
6) Random number interface of the operating system: BCryptGenRandom is used as a supplement. The interface conforms to the international NIST SP800-90 random number standard, in particular the CTR_DRBG part of the standard, and has relatively high security. In extreme cases where random numbers are consumed in very large quantities, the random entropy source can be supplemented through the random number interface of the system.
It should be noted that the above acquisition sequence and the acquisition byte length are only exemplary, and those skilled in the art can flexibly adjust the acquisition sequence and the acquisition byte length according to actual requirements, which are not particularly limited herein.
The entropy pool constructed by the embodiment of the present application comprises a temporary entropy pool, which stores the raw random entropy source data collected from the computer so that the required data can be read from the pool promptly when needed, reducing the delay in generating random numbers. For example, each time enough random entropy source data has been collected, the data can be output to the cryptographic algorithm for expansion processing and the temporary entropy pool emptied. The size of the temporary entropy pool is scalable: the pool grows and shrinks according to acquisition requirements, with a minimum size of 48 bytes and a maximum size of 12288 bytes.
In some embodiments of the present application, collecting the random entropy source sequence of the computer comprises: evaluating the minimum entropy of each kind of random entropy source sequence; and screening the multiple kinds of random entropy source sequences according to the evaluation result to obtain a screened random entropy source sequence.
In order to ensure the quality of the random entropy sources, before the collected random entropy source information is used, the embodiment of the present application can also quantitatively evaluate the randomness of the entropy source data through an entropy estimation algorithm. The minimum entropy of each kind of entropy source is evaluated to ensure that the entropy rate of the entropy sources is sufficient and to eliminate entropy sources with a low entropy rate. The specific entropy estimation algorithm can be flexibly determined by those skilled in the art in combination with the prior art, and is not described here.
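One way to carry out the evaluation and screening described above, shown as an added example that is not part of the patent text. The most-common-value estimator is an assumed choice (the text leaves the estimator open), and the source names, sample data and 1-bit threshold are constructed for illustration.

```python
import math
import random
from collections import Counter


def mcv_min_entropy(samples):
    """Most-common-value estimate of min-entropy, in bits per sample."""
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    # Observed frequency of the single most likely value.
    p_hat = Counter(samples).most_common(1)[0][1] / n
    # Upper end of a 99% confidence interval, so the estimate errs on the low side.
    p_u = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1.0 - p_hat) / (n - 1)))
    return max(0.0, -math.log2(p_u))


def screen_sources(samples_by_source, min_bits_per_sample):
    """Split sources into (kept, rejected); each maps name -> estimated min-entropy."""
    kept, rejected = {}, {}
    for name, samples in samples_by_source.items():
        h = mcv_min_entropy(samples)
        (kept if h >= min_bits_per_sample else rejected)[name] = h
    return kept, rejected


def constructed_samples(n=1000, seed=1):
    """Constructed stand-ins for repeated reads of four of the listed sources."""
    rng = random.Random(seed)  # fixed seed keeps the illustration reproducible
    return {
        # PID and TID do not change between reads inside one running thread.
        "pid": [4242] * n,
        "tid": [9001] * n,
        # Low 2 bits of a timestamp, modelled here as uniform (an assumption;
        # real timer bits have to be measured on the target machine).
        "time_low2": [rng.randrange(4) for _ in range(n)],
        # One byte per read from the operating system random number interface.
        "os_rng_byte": [rng.randrange(256) for _ in range(n)],
    }


if __name__ == "__main__":
    kept, rejected = screen_sources(constructed_samples(), min_bits_per_sample=1.0)
    for name, h in sorted({**kept, **rejected}.items()):
        state = "kept" if name in kept else "rejected"
        print(f"{name:12s} {h:5.2f} bits/sample  {state}")
```

The estimate is per sample, so a source that returns 4 bytes per read but never changes still contributes 0 bits to the pool.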
In some embodiments of the present application, before performing expansion processing on the random entropy source sequence by using a cryptographic algorithm to obtain an expanded random entropy source sequence, the method further includes: counting the repetition number of the random entropy source information according to the random entropy source sequence; if the repetition number is smaller than a first preset number threshold, the power-on health test is passed; otherwise, the power-on health test is not passed.
Before the various random entropy sources are formally used, a power-on health test can be performed. It uses a repetition count test to quickly detect catastrophic faults, that is, faults that cause the entropy source to output the same value for a long time.
For example, the test may perform a repetition count test on 1000000 consecutive samples, and the entropy source output consumed by the test is not used for any other operation. The test is executed in the initialization phase of the pseudo-random number generator, i.e. before the entropy source is used for the first time. After the test completes without any fault or error, the random number generator proceeds to the next step. The principle flow of the test algorithm is as follows:
① A = next();
② B = 1;
③ X = next();
④ If (X == A)
       B = B + 1;
       If (B ≥ C)
           Error prompting;
   else
       A = X;
       B = 1;
⑤ Repeat from step ③.
Here next() is the next sample output by the entropy source, B is the repeated-sample count, and C is the first preset number threshold.
In other words, when the number of repeated samples in the random entropy source data reaches the threshold C, the power-on test fails and the random entropy source data must be collected again; if the number of repeated samples stays below the threshold C, the test passes and the subsequent process starts.
This health test before start-up further ensures the sufficiency and randomness of the random entropy source and improves the security of pseudo-random number generation.
In some embodiments of the present application, the random entropy source sequence is stored in a temporary entropy pool, and the expanding the random entropy source sequence by using a cryptographic algorithm to obtain an expanded random entropy source sequence includes: respectively constructing a random entropy source sequence for initialization, a temporary random entropy source sequence and a first additional random entropy source sequence in an expansion stage according to a random entropy source sequence stored in a temporary entropy pool, wherein the random entropy source sequence for initialization, the temporary random entropy source sequence and the first additional random entropy source sequence are constructed based on different random entropy source information; according to the random entropy source sequence stored in the temporary entropy pool and the random entropy source sequence for initialization of the expansion phase, performing initialization processing of the expansion phase by utilizing the cryptographic algorithm, and filling a fixed entropy pool of the expansion phase, wherein the fixed entropy pool comprises a first cache area and a second cache area; according to the filled first buffer area and second buffer area, the temporary random entropy source sequence and the first additional random entropy source sequence, the cryptographic algorithm is utilized to perform the reseeding treatment of the expansion stage, and the first buffer area and the second buffer area of the expansion stage are updated; and according to the updated first buffer area, the second buffer area and the first additional random entropy source sequence, performing output processing of an expansion stage by utilizing the cryptographic algorithm, outputting the expanded random entropy source sequence and updating the first buffer area of the expansion stage.
In the expansion stage, an SM3 hash algorithm is mainly used as an expansion function to realize expansion processing, and the expansion processing realized based on the SM3 hash algorithm mainly comprises three links of initialization, reseeding and output processing:
1) Initialization of the expansion function. Several entropy sources are used: (1) personalized string 1: PSBC Browser202205SM3 PERS, which can be understood as random entropy source information related to the actual service; it can be customized and is not exposed externally; (2) random entropy for initialization: the process PID, the thread TID, the high-precision system time, a random memory address and a monotonically increasing counter value can be concatenated; (3) temporary random entropy source sequence: the hardware random entropy of the computer's CPU is used preferentially, and the operating system's random number generator is called to supplement it when the entropy is insufficient. Initialization is performed based on the SM3 cryptographic algorithm, filling the first buffer V and the second buffer C of the expansion stage.
The first buffer V and the second buffer C are created in a fixed entropy pool, i.e. an entropy pool of fixed size, which may specifically consist of 2 buffers of 111 bytes each, the first buffer V and the second buffer C. The fixed entropy pool stores the random entropy source data after the SM3-based expansion calculation; the initialization, reseeding and output processing of the expansion stage all update the data in the fixed entropy pool.
The main difference between the first buffer V and the second buffer C is as follows. The first buffer V stores random entropy source data after it has been processed by the SM3 algorithm; all 3 main stages of random number generation (initialization, reseeding and output processing) trigger an update of the first buffer V. The second buffer C stores the data of the first buffer V after it has been processed by the SM3 algorithm; 2 of the main stages of random number generation (initialization and reseeding) trigger an update of the second buffer C.
2) Reseeding of the expansion function. It uses: (1) the temporary random entropy source sequence: the hardware random entropy of the computer's CPU is used preferentially, and the operating system's random number generator is called to supplement it when the random entropy is insufficient (because the other entropy source information, such as the PID and thread ID, is small in amount and generally not enough); (2) the additional random entropy source sequence: a random memory address within the current thread is used. Reseeding is performed based on the SM3 cryptographic algorithm, updating the first buffer V and the second buffer C in the expansion function.
3) Output processing of the expansion function. A random memory address within the current thread is used as a supplementary entropy source. Output processing is performed based on the SM3 cryptographic algorithm, updating the internal first buffer V. If the health test passes, the output random sequence becomes the input of the generation processing stage.
It should be noted that the above construction of the random entropy source sequence for initialization, the temporary random entropy source sequence and the first additional random entropy source sequence is only one example in the embodiments of the present application. Its purpose is to construct different random entropy source sequences from the different random entropy sources collected, so as to further improve the sufficiency and randomness of the random entropy sources. How exactly to construct them can be set flexibly by those skilled in the art according to the actual situation, and is not limited here.
In some embodiments of the present application, the method further comprises: counting the repetition number of the read random entropy source information when the random entropy source information is read from the temporary entropy pool each time, and counting the repetition number of the expanded random entropy source information when the expanded random entropy source sequence is output each time; if the repetition number is smaller than a second preset number threshold, passing the continuous health test; otherwise, the continuous health test is not passed.
In the expansion processing stage, the embodiment of the application further uses continuous health tests to ensure the sufficiency and randomness of the random entropy source data in the entropy pool. Specifically, an adaptive proportion test can be used: each time random entropy source data is acquired, a continuous health test is performed on the random entropy source sequence; at the end of each expansion process, a continuous health test is performed on the expanded random entropy source sequence. The test can detect a large loss of entropy caused by a physical fault or an environmental change affecting the entropy source, and can also detect more subtle faults of the entropy source.
The principle flow of the test algorithm is as follows:
① A = next();
② B = 1;
③ For i = 1 to W - 1
       If (A == next())
           B = B + 1;
           If (B ≥ D)
               Error prompting;
④ Return to step ①.
Here next() is the next sample output by the entropy source, B is the repeated-sample count, D is the second preset number threshold, which may for example be set to 690, and the window size W is 1024. The continuous health test is executed each time random entropy source data is acquired; while the entropy source is running, all digitized samples obtained from it are tested continuously, without disabling the output of the entropy source.
If D identical samples appear continuously, the continuous test is judged not passed and an error message reporting the failure of the entropy source's continuous health test is raised; at this point random entropy source data cannot be acquired normally, so the reinitialization flow of the expansion stage is triggered and the data of the fixed entropy pool is updated. If the same sample does not appear D times continuously, the test is judged passed and the next random number generation flow is entered.
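The two test flows above (the power-on repetition count test and the windowed continuous test), as an added Python example that is not code from the patent. It follows the two pseudocode listings; the sample streams and the value C = 32 are constructed assumptions, since the page gives no value for the first threshold, while D = 690 and W = 1024 are the page's example values.

```python
from itertools import islice
import random


class HealthTestFailure(Exception):
    """An entropy source failed a health test and must not be used."""


def repetition_count_test(samples, cutoff_c):
    """Power-on test: fail once the same value occurs cutoff_c times in a row.

    Returns the longest run seen when the stream passes.
    """
    it = iter(samples)
    try:
        a = next(it)                          # step 1: A = next()
    except StopIteration:
        raise HealthTestFailure("entropy source returned no samples") from None
    b = longest = 1                           # step 2: B = 1
    for x in it:                              # steps 3 and 5: X = next(), repeat
        if x == a:                            # step 4
            b += 1
            if b >= cutoff_c:
                raise HealthTestFailure(f"value {a!r} repeated {b} times in a row")
        else:
            a, b = x, 1
        longest = max(longest, b)
    return longest


def adaptive_proportion_test(samples, cutoff_d=690, window_w=1024):
    """Continuous test: in each window of window_w samples, count how often the
    window's first value occurs and fail once the count reaches cutoff_d.

    Returns the number of windows examined (the last one may be partial).
    """
    it = iter(samples)
    windows = 0
    for a in it:                              # step 1: A = next()
        b = 1                                 # step 2: B = 1
        for x in islice(it, window_w - 1):    # step 3: W - 1 further samples
            if x == a:
                b += 1
                if b >= cutoff_d:
                    raise HealthTestFailure(
                        f"value {a!r} seen {b} times in one window of {window_w}")
        windows += 1                          # step 4: back to step 1
    return windows


def check_source(samples, cutoff_c):
    """Run both tests over a captured sample list; return (ok, detail)."""
    try:
        longest = repetition_count_test(samples, cutoff_c)
        windows = adaptive_proportion_test(samples)
    except HealthTestFailure as exc:
        return False, str(exc)
    return True, f"longest run {longest}, {windows} windows checked"


# Constructed sample streams (not from the page). CUTOFF_C = 32 is an assumed
# value: the page leaves the first threshold C unspecified.
CUTOFF_C = 32
rng = random.Random(2023)                     # stand-in for a working source
HEALTHY = [rng.randrange(256) for _ in range(4096)]
STUCK = HEALTHY[:500] + [0x5A] * 40           # source freezes on one value
BIASED = [1, 1, 1, 0] * 1024                  # short runs only, but 75 % ones

if __name__ == "__main__":
    for name, stream in (("healthy", HEALTHY), ("stuck", STUCK), ("biased", BIASED)):
        print(name, check_source(stream, CUTOFF_C))
```

The biased stream passes the repetition count test and is caught only by the windowed test, which is why the two tests are used together.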
In some embodiments of the present application, the random entropy source sequence is stored in a temporary entropy pool, and the generating the pseudo random number according to the cryptographic algorithm and the extended random entropy source sequence includes: constructing a second additional random entropy source sequence of the generation stage according to the random entropy source sequence stored in the temporary entropy pool; according to the expanded random entropy source sequence, initializing a generation stage by utilizing the cryptographic algorithm, and filling a first buffer area and a second buffer area of the generation stage; according to the filled first buffer area and second buffer area, the second additional random entropy source sequence and the expanded random entropy source sequence, the cryptographic algorithm is utilized to perform reseeding treatment in the generation stage, and the first buffer area and the second buffer area in the generation stage are updated; and according to the updated first buffer area, the updated second buffer area and the second additional random entropy source sequence, performing output processing of the generation stage by utilizing the cryptographic algorithm, outputting a final pseudo-random number and updating the first buffer area of the generation stage.
The generation stage likewise uses the SM3 hash algorithm as the PRNG to generate pseudo-random numbers; the PRNG generation processing stage mainly comprises the internal state, the initialization function, the reseeding function, the output function and the self-test.
The internal state refers to all internally stored parameters, variables and other stored values of the PRNG: the PRNG seed buffers, comprising the first buffer V and the second buffer C of the generation stage; the reseed counter value and threshold; the reseed time value and threshold; and the PRNG state value.
1) PRNG initialization. It uses: (1) personalized string 2: PSBC generator 202302SM3PERS, which is also self-defined entropy source information and can be set to differ from the personalized string of the expansion stage to further increase randomness; (2) the random entropy sequence output by the expansion function. The initialization of the PRNG generation processing flow is performed based on the SM3 cryptographic algorithm, filling the first buffer V and the second buffer C inside the PRNG generation processing flow.
2) PRNG reseeding. It uses: (1) the random entropy sequence output by the expansion function; (2) additional random entropy: the thread TID and the high-precision system time, concatenated. Reseeding is performed based on the SM3 cryptographic algorithm, updating the first buffer V and the second buffer C in the PRNG generation processing flow.
3) PRNG output processing. The current thread TID and the high-precision system time are used as a supplementary entropy source. Output processing is performed based on the SM3 cryptographic algorithm, updating the internal first buffer V and outputting the final random number.
It should be noted that the above construction of the second additional random entropy source sequence is also only one example in the embodiments of the present application. By adding different entropy source combinations at different stages of random number generation, the complexity of the internal state is increased and the security of pseudo-random number generation is further improved. How exactly to construct and combine them can be set flexibly by those skilled in the art according to the actual situation, and is not particularly limited here.
To facilitate an understanding of the embodiments described above, embodiments of the present application are presented in another form:
(I) PRNG initialization processing:
Input: input, the input entropy source sequence.
Output: the first buffer V, the second buffer C, and other internal state information (including reseed counter information).
Begin:
1. V = SM3_df(input, buffer length);
2. C = SM3_df(0x00‖V, buffer length);
3. counter = 1;
END
In addition, the processing flow of SM3_df is as follows:
Input: input is the input data stream and return_len is the length of the data to be returned.
Output: output is the returned data.
Begin:
1. temp = NULL; counter2 = 0x01;
2. FOR i = 1 to return_len do
3.     temp = temp‖SM3(counter2‖input);
4.     counter2 = counter2 + 1;
   END FOR
5. output = the leftmost return_len length of data of temp;
END
(II) PRNG reseeding:
Input: the first buffer V and the second buffer C, input (the input data stream), the reseed counter, and other internal state information.
Output: the updated first buffer V and second buffer C, input (the input data stream), the reseed counter, and other internal state information.
Begin:
1. V = SM3_df(0x02‖input‖V);
2. C = SM3_df(0x01‖V);
3. counter = 1;
4. Update other internal state information;
END
(III) PRNG output processing:
Input: the first buffer V, the second buffer C, the reseed counter and other internal state information.
Output: the updated first buffer V, the reseed counter, other internal state information, and output, the random number returned to the user.
Begin:
1. output = SM3(V);
2. H = SM3(0x03‖V);
3. V = (V + H + C + counter) mod 2^880;
4. counter = counter + 1;
5. Update other internal state information;
6. Return output;
END
In some embodiments of the present application, after generating the pseudo random number from the cryptographic algorithm and the extended random entropy source sequence, the method further comprises: performing periodic health testing on the pseudo random number; outputting the pseudo random number if the periodic health test is passed; otherwise, the pseudo-random number is regenerated.
The embodiment of the application also performs a periodic health test on the pseudo-random numbers finally output in the generation stage, to monitor whether the PRNG is working normally. The output of the PRNG is tested, and 12 existing random number detection methods can be used for each test. A self-test is performed the first time a random number is generated, and subsequently at intervals (by default 1 hour, i.e. 60 × 60 seconds). If the detection passes, the random number is output normally; otherwise the reseeding flow of the PRNG is triggered.
The specific flow of the test method is as follows. Each time, 2000 bits of random data are obtained from the output of the PRNG and 1 round of detection is performed with the 12 detection methods in the GM/T 0005-2021 Randomness Test Specification; in total, 2000 bits of data are obtained 20 times and 20 rounds of detection are performed. The results of the 12 detection items are counted; if the number of failures of any one detection item is greater than or equal to 2, the current 20 rounds of detection are considered not passed and the 20 rounds of detection are attempted again. If the 20 rounds of detection are not passed 2 times in a row, the self-test is judged not passed; otherwise, the detection passes. The whole flow is as follows:
(1) Start a complete 20-round test.
(2) The detailed flow of one round of detection is as follows:
a) Acquire 2000 bits of pseudo-random number data from the output of the PRNG;
b) Perform the 12 detection items in the GM/T 0005-2021 Randomness Test Specification:
single-bit frequency test;
frequency test within a block;
poker test;
overlapping subsequence test;
total runs test;
runs distribution test;
longest run within a block test;
binary derivative test;
autocorrelation test;
cumulative sums test;
approximate entropy test;
discrete Fourier transform test;
c) Count the results of the above 12 detection items.
(3) Count the rounds of detection performed so far: if fewer than 20 rounds have been performed, carry out the next round of detection by returning to step (2); otherwise the complete 20-round test is finished and the test results are analysed and judged, i.e. step (4) is entered.
(4) Judge the accumulated statistical results of the 12 test items over the 20 rounds:
a) For i = 1 to 12 do:
       If (the number of failures of test item i is greater than or equal to 2)
           If (a repeated complete 20-round test attempt has already been made)
               No further attempt is made; the detection fails; go to step (5);
           Else
               Clear the statistical results of the 20 rounds, make another complete 20-round detection attempt, and go to step (1);
b) The detection passes; go to step (5);
(5) Return the self-test result: if the detection passed, the PRNG continues normal operation; if the detection did not pass, an error prompt is given, and the user can restart the PRNG or restart the browser.
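The decision flow of steps (1) to (5), as an added Python example that is not code from the patent. Only the single-bit frequency item is implemented, in its usual statistic-and-erfc form; the significance level 0.01, the scripted bit source and all function names are assumptions, and the other 11 items would be plugged into the same `tests` mapping.

```python
import math

ROUNDS = 20            # rounds per complete test (from the text)
BITS_PER_ROUND = 2000  # bits taken from the PRNG per round (from the text)
FAIL_LIMIT = 2         # an item failing this many rounds fails the 20-round test
MAX_ATTEMPTS = 2       # the complete 20-round test is attempted at most twice
ALPHA = 0.01           # assumed significance level; the page does not state one


def monobit_frequency(bits):
    """Single-bit frequency item: True when the 0/1 balance is plausible."""
    n = len(bits)
    v = (2 * sum(bits) - n) / math.sqrt(n)
    return math.erfc(abs(v) / math.sqrt(2)) >= ALPHA


def run_self_test(next_bits, tests, rounds=ROUNDS):
    """Return (passed, attempts_used, failures_per_item_in_last_attempt)."""
    for attempt in range(1, MAX_ATTEMPTS + 1):
        failures = {name: 0 for name in tests}      # statistics cleared per attempt
        for _ in range(rounds):                     # steps (2) and (3)
            bits = next_bits(BITS_PER_ROUND)
            for name, test in tests.items():
                if not test(bits):
                    failures[name] += 1
        # step (4): every item must have failed fewer than FAIL_LIMIT rounds
        if all(count < FAIL_LIMIT for count in failures.values()):
            return True, attempt, failures
    return False, MAX_ATTEMPTS, failures            # step (5): self-test failed


def scripted_source(bad_rounds):
    """Constructed bit source used only to drive the flow: the first bad_rounds
    calls return all ones, later calls return a balanced 0101... pattern.
    The balanced pattern passes this one item but would fail run-based items,
    which is why the specification applies all 12."""
    calls = 0

    def next_bits(n):
        nonlocal calls
        calls += 1
        return [1] * n if calls <= bad_rounds else [0, 1] * (n // 2)

    return next_bits


TESTS = {"single_bit_frequency": monobit_frequency}

if __name__ == "__main__":
    for bad in (0, 1, 2, 40):
        print(bad, run_self_test(scripted_source(bad), TESTS))
```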
To facilitate understanding of the foregoing embodiments, fig. 3 provides a schematic flow chart of pseudo-random number generation in the embodiment of the present application. The key points of the pseudo-random number generation method of the present application are:
1) Multiple hardware-related random entropy sources of the computer (CPU hardware random sequence, high-precision time, PID, TID, random memory address, operating system random number, and other hardware-related random entropy sources) are collected, and the entropy sources are expanded based on the SM3 hash algorithm, which ensures the sufficiency of the hardware-related entropy sources.
2) The random number generator adopts a double-layer random number generator architecture based on the SM3 algorithm: the national cryptographic SM3 hash algorithm is used in the random entropy source expansion flow, SM3 hash processing is performed again in the PRNG generation and output flow, and different random entropy sources are additionally introduced.
3) Comprehensive real-time health monitoring: a health test is performed on the various entropy sources at start-up; continuous health tests are performed on the entropy source and on the expanded output entropy sequence; and a periodic output health test is performed on the output random number sequence of the PRNG.
In summary, the pseudo random number generation method of the present application at least achieves the following technical effects:
1) The sources of randomness of the entropy source data are sufficient. The CPU random sequence of the computer is the main source; a plurality of hardware-related random entropy sources (high-precision time, PID, TID, random memory address, and other hardware-related random entropy sources) are used in addition; and in extreme cases the operating system's random number is used as a supplement. The entropy source is also expanded based on the SM3 hash algorithm, so that sufficient randomness of the entropy source data is ensured.
2) The internal state of the pseudo-random number generator has extremely high security. The national cryptographic SM3 hash algorithm has two characteristics: (1) it is one-way, i.e. the input value cannot be deduced backwards from the hash value; (2) it is collision-resistant, i.e. it is difficult to find any two different input strings that produce the same hash value. The random number generator adopts a double-layer architecture of SM3-based expansion and generation: the initialization, reseeding and output processing of the expansion function stage of the first layer are implemented with the SM3 algorithm, and the initialization, reseeding and output processing of the generation and output stage of the second layer are likewise implemented with the SM3 algorithm. Different random entropy sources are additionally introduced in both the expansion and the generation stages. Thus, given the current level of research and the computing power of computers, an attacker cannot obtain, from the output random data, information about the internal state of the generator at an earlier time.
3) The final output random numbers have sufficient randomness. (1) All key links of the random number generator are tested in real time: entropy estimation is performed on the various hardware-related random entropy sources at start-up, which ensures the reliability of the entropy sources; a start-up health test and continuous health tests are performed on the entropy pool data, which ensures the sufficiency of the random entropy sources in the entropy pool; continuous health tests are performed on all expanded random sequences output in the expansion output stage; and a periodic output health test is performed on the random number results in the generation and output stage. (2) New random entropy sources are introduced in the initialization, reseeding and output processing of the expansion stage, and likewise in the initialization, reseeding and output processing of the generation stage. Thus the output results as a whole are ensured to have sufficient randomness.
In short, the present application uses and expands multiple hardware-related random entropy sources, the internal state of the pseudo-random number generator has extremely high security, and the output random number sequence is ensured to contain sufficient randomness; the method does not depend on additional hardware peripherals, is convenient to use, and can well meet the requirements of various random number application scenarios.
The embodiment of the application further provides a pseudo-random number generating device 400. Fig. 4 is a schematic structural diagram of the pseudo-random number generating device in the embodiment of the application; the device 400 includes:
an acquisition unit 410 for acquiring a random entropy source sequence of a computer, the random entropy source sequence comprising a plurality of random entropy source information associated with computer hardware;
the expansion unit 420 is configured to perform expansion processing on the random entropy source sequence by using a cryptographic algorithm, so as to obtain an expanded random entropy source sequence;
and a generating unit 430, configured to generate a pseudo random number according to the cryptographic algorithm and the extended random entropy source sequence.
In some embodiments of the present application, the acquisition unit 410 is specifically configured to: based on the preset acquisition priority and the preset acquisition byte length, acquiring various random entropy source sequences associated with computer hardware and storing the random entropy source sequences into a temporary entropy pool; the random entropy source sequence comprises at least one of a random entropy source sequence in a CPU of a computer, a process number PID of a program, a thread number TID of the program, high-precision system time of an operating system, memory address information and a random number interface of the operating system.
In some embodiments of the present application, the acquisition unit 410 is specifically configured to: respectively evaluating the minimum entropy of various random entropy source sequences; and screening the multiple random entropy source sequences according to the evaluation result to obtain a screened random entropy source sequence.
In some embodiments of the present application, the apparatus further comprises: the first test unit is used for counting the repetition times of the random entropy source information according to the random entropy source sequence before the random entropy source sequence is subjected to expansion processing by using a cryptographic algorithm to obtain an expanded random entropy source sequence; if the repetition number is smaller than a first preset number threshold, passing a power-on health test; otherwise, the power-on health test is not passed.
In some embodiments of the present application, the random entropy source sequence is stored in a temporary entropy pool, and the expansion unit 420 is specifically configured to: respectively constructing a random entropy source sequence for initialization, a temporary random entropy source sequence and a first additional random entropy source sequence in an expansion stage according to a random entropy source sequence stored in a temporary entropy pool, wherein the random entropy source sequence for initialization, the temporary random entropy source sequence and the first additional random entropy source sequence are constructed based on different random entropy source information; according to the random entropy source sequence stored in the temporary entropy pool and the random entropy source sequence for initialization of the expansion phase, performing initialization processing of the expansion phase by utilizing the cryptographic algorithm, and filling a fixed entropy pool of the expansion phase, wherein the fixed entropy pool comprises a first cache area and a second cache area; according to the filled first buffer area and second buffer area, the temporary random entropy source sequence and the first additional random entropy source sequence, the cryptographic algorithm is utilized to perform the reseeding treatment of the expansion stage, and the first buffer area and the second buffer area of the expansion stage are updated; and according to the updated first buffer area, the second buffer area and the first additional random entropy source sequence, performing output processing of an expansion stage by utilizing the cryptographic algorithm, outputting the expanded random entropy source sequence and updating the first buffer area of the expansion stage.
In some embodiments of the present application, the apparatus further comprises: the second test unit is used for counting the repetition times of the read random entropy source information when the random entropy source information is read from the temporary entropy pool each time, and counting the repetition times of the expanded random entropy source information when the expanded random entropy source sequence is output each time; if the repetition number is smaller than a second preset number threshold, passing the continuous health test; otherwise, the continuous health test is not passed.
In some embodiments of the present application, the random entropy source sequence is stored in a temporary entropy pool, and the generating unit 430 is specifically configured to: constructing a second additional random entropy source sequence of the generation stage according to the random entropy source sequence stored in the temporary entropy pool; according to the expanded random entropy source sequence, initializing a generation stage by utilizing the cryptographic algorithm, and filling a first buffer area and a second buffer area of the generation stage; according to the filled first buffer area and second buffer area, the second additional random entropy source sequence and the expanded random entropy source sequence, the cryptographic algorithm is utilized to perform reseeding treatment in the generation stage, and the first buffer area and the second buffer area in the generation stage are updated; and according to the updated first buffer area, the updated second buffer area and the second additional random entropy source sequence, performing output processing of the generation stage by utilizing the cryptographic algorithm, outputting a final pseudo-random number and updating the first buffer area of the generation stage.
In some embodiments of the present application, the apparatus further comprises: the third testing unit is used for carrying out periodic health testing on the pseudo random number after generating the pseudo random number according to the cryptographic algorithm and the expanded random entropy source sequence; outputting the pseudo random number if the periodic health test is passed; otherwise, the pseudo-random number is regenerated.
It can be understood that the above pseudo-random number generating device can implement each step of the pseudo-random number generating method provided in the foregoing embodiment, and the relevant explanation about the pseudo-random number generating method is applicable to the pseudo-random number generating device, which is not described herein.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present application. Referring to fig. 5, at the hardware level, the electronic device includes a processor, and optionally an internal bus, a network interface, and a memory. The memory may include internal memory, such as random-access memory (RAM), and may further include non-volatile memory, such as at least 1 disk storage. Of course, the electronic device may also include hardware required for other services.
The processor, network interface, and memory may be interconnected by an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The buses may be classified as address buses, data buses, control buses, etc. For ease of illustration, only one bi-directional arrow is shown in FIG. 5, but this does not mean that there is only one bus or one type of bus.
The memory is used to store programs. In particular, a program may include program code, and the program code includes computer operating instructions. The memory may include internal memory and non-volatile storage, and provides instructions and data to the processor.
The processor reads the corresponding computer program from the nonvolatile memory into the memory and then runs the computer program to form the pseudo-random number generating device on a logic level. The processor is used for executing the programs stored in the memory and is specifically used for executing the following operations:
collecting a random entropy source sequence of a computer, wherein the random entropy source sequence comprises a plurality of random entropy source information associated with computer hardware;
performing expansion processing on the random entropy source sequence by using a national cryptographic algorithm to obtain an expanded random entropy source sequence;
and generating a pseudo-random number according to the cryptographic algorithm and the expanded random entropy source sequence.
The method performed by the pseudo-random number generating device disclosed in the embodiment shown in Fig. 1 of the present application may be applied to a processor or implemented by a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor or by instructions in the form of software. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc.; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The processor may implement or perform the methods, steps, and logic blocks disclosed in the embodiments of the present application. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present application may be embodied directly as execution by a hardware decoding processor, or as execution by a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, registers, or another storage medium well known in the art. The storage medium is located in the memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method.
The electronic device may further execute the method executed by the pseudo-random number generating device in Fig. 1, and implement the functions of the pseudo-random number generating device in the embodiment shown in Fig. 1, which are not described again here.
The embodiments of the present application also provide a computer-readable storage medium storing one or more programs, where the one or more programs include instructions which, when executed by an electronic device including a plurality of application programs, enable the electronic device to perform the method performed by the pseudo-random number generating device in the embodiment shown in Fig. 1, and specifically to perform:
collecting a random entropy source sequence of a computer, wherein the random entropy source sequence comprises a plurality of random entropy source information associated with computer hardware;
performing expansion processing on the random entropy source sequence by using a state encryption algorithm to obtain an expanded random entropy source sequence;
and generating a pseudo-random number according to the cryptographic algorithm and the expanded random entropy source sequence.
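The collect, expand and generate steps above, sketched as two chained stages with the first and second buffer areas that claims 5 and 7 describe. This is an added example, not code from the application: SHA-256 stands in for the cryptographic algorithm, and the `Stage` class, the update formulas, the domain labels and the mapping of pool entries to roles are all assumptions made for illustration.

```python
import hashlib

# Constructed sample pool with fixed bytes so the run is reproducible; a real
# collector would fill it from the hardware-related sources the page lists.
POOL = {
    "os_random": bytes(range(32)),
    "cpu": b"\x5a\xc3" * 8,
    "time": (1_701_158_400_123_456_789).to_bytes(8, "big"),
    "pid_tid": (4312).to_bytes(4, "big") + (4320).to_bytes(4, "big"),
    "address": (0x7FFD_4C21_9A40).to_bytes(8, "big"),
}

def _h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed fields (stand-in hash, an assumption)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def _add(a: bytes, *others: bytes) -> bytes:
    """Add byte strings as big-endian integers modulo 2**(8 * len(a))."""
    total = int.from_bytes(a, "big") + sum(int.from_bytes(o, "big") for o in others)
    return (total % (1 << (8 * len(a)))).to_bytes(len(a), "big")

class Stage:
    """One layer: init fills both buffers, reseed updates both, output updates only the first."""

    def __init__(self, seed_material: bytes, init_entropy: bytes = b""):
        self.buf1 = _h(b"init", seed_material, init_entropy)
        self.buf2 = _h(b"const", self.buf1)
        self.counter = 1

    def reseed(self, fresh: bytes, additional: bytes = b"") -> None:
        self.buf1 = _h(b"reseed", self.buf1, fresh, additional)
        self.buf2 = _h(b"const", self.buf1)
        self.counter = 1

    def output(self, nbytes: int, additional: bytes = b"") -> bytes:
        if additional:  # fold the additional entropy into the working state
            self.buf1 = _add(self.buf1, _h(b"add", self.buf1, additional))
        out, block = b"", self.buf1
        while len(out) < nbytes:
            out += _h(b"gen", block)
            block = _add(block, b"\x01")
        # Step the first buffer so released output does not reveal the next state.
        self.buf1 = _add(self.buf1, _h(b"next", self.buf1), self.buf2,
                         self.counter.to_bytes(4, "big"))
        self.counter += 1
        return out[:nbytes]

def generate(pool: dict, nbytes: int) -> bytes:
    """Expansion stage seeded from the pool, then a generation stage seeded from its output."""
    exp = Stage(pool["os_random"], pool["cpu"])           # expansion: initialization
    exp.reseed(pool["time"], pool["pid_tid"])             # expansion: reseed
    expanded = exp.output(48, pool["pid_tid"])            # expanded entropy sequence
    gen = Stage(expanded)                                 # generation: initialization
    gen.reseed(exp.output(48, pool["pid_tid"]), pool["address"])
    return gen.output(nbytes, pool["address"])            # final pseudo-random bytes

if __name__ == "__main__":
    print(generate(POOL, 32).hex())
```

Because the generation stage only ever sees expanded output, raw pool values such as the PID never reach the state that produces the final bytes directly.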
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as random access memory (RAM), and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, do not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one ..." does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.

Claims (11)

1. A method of generating pseudo-random numbers, the method comprising:
collecting a random entropy source sequence of a computer, wherein the random entropy source sequence comprises a plurality of random entropy source information associated with computer hardware;
performing expansion processing on the random entropy source sequence by using a state encryption algorithm to obtain an expanded random entropy source sequence;
and generating a pseudo-random number according to the cryptographic algorithm and the expanded random entropy source sequence.
2. The method of claim 1, wherein the collecting the random entropy source sequence of the computer comprises:
based on the preset acquisition priority and the preset acquisition byte length, acquiring various random entropy source sequences associated with computer hardware and storing the random entropy source sequences into a temporary entropy pool;
the random entropy source sequence comprises at least one of a random entropy source sequence in a CPU of a computer, a process number PID of a program, a thread number TID of the program, high-precision system time of an operating system, memory address information and a random number interface of the operating system.
3. The method of claim 1, wherein the collecting the random entropy source sequence of the computer comprises:
respectively evaluating the minimum entropy of various random entropy source sequences;
and screening the multiple random entropy source sequences according to the evaluation result to obtain a screened random entropy source sequence.
4. The method of claim 1, wherein prior to expanding the random entropy source sequence using a cryptographic algorithm to obtain an expanded random entropy source sequence, the method further comprises:
counting the repetition times of the random entropy source information according to the random entropy source sequence;
if the repetition number is smaller than a first preset number threshold, passing a power-on health test;
otherwise, the power-on health test is not passed.
5. The method of claim 1, wherein the random entropy source sequence is stored in a temporary entropy pool, and the expanding the random entropy source sequence by using a cryptographic algorithm to obtain an expanded random entropy source sequence comprises:
respectively constructing a random entropy source sequence for initialization, a temporary random entropy source sequence and a first additional random entropy source sequence in an expansion stage according to a random entropy source sequence stored in a temporary entropy pool, wherein the random entropy source sequence for initialization, the temporary random entropy source sequence and the first additional random entropy source sequence are constructed based on different random entropy source information;
according to the random entropy source sequence stored in the temporary entropy pool and the random entropy source sequence for initialization of the expansion stage, performing initialization processing of the expansion stage by utilizing the cryptographic algorithm, and filling a fixed entropy pool of the expansion stage, wherein the fixed entropy pool comprises a first cache area and a second cache area;
according to the filled first buffer area and second buffer area, the temporary random entropy source sequence and the first additional random entropy source sequence, the cryptographic algorithm is utilized to perform the reseeding treatment of the expansion stage, and the first buffer area and the second buffer area of the expansion stage are updated;
and according to the updated first buffer area, the second buffer area and the first additional random entropy source sequence, performing output processing of an expansion stage by utilizing the cryptographic algorithm, outputting the expanded random entropy source sequence and updating the first buffer area of the expansion stage.
6. The method of claim 5, wherein the method further comprises:
counting the repetition number of the read random entropy source information when the random entropy source information is read from the temporary entropy pool each time, and counting the repetition number of the expanded random entropy source information when the expanded random entropy source sequence is output each time;
if the repetition number is smaller than a second preset number threshold, passing the continuous health test;
otherwise, the continuous health test is not passed.
7. The method of claim 1, wherein the random entropy source sequence is stored in a temporary entropy pool, and wherein generating a pseudo random number from the cryptographic algorithm and the extended random entropy source sequence comprises:
constructing a second additional random entropy source sequence of the generation stage according to the random entropy source sequence stored in the temporary entropy pool;
according to the expanded random entropy source sequence, initializing a generation stage by utilizing the cryptographic algorithm, and filling a first buffer area and a second buffer area of the generation stage;
according to the filled first buffer area and second buffer area, the second additional random entropy source sequence and the expanded random entropy source sequence, the cryptographic algorithm is utilized to perform reseeding treatment in the generation stage, and the first buffer area and the second buffer area in the generation stage are updated;
and according to the updated first buffer area, the updated second buffer area and the second additional random entropy source sequence, performing output processing of the generation stage by utilizing the cryptographic algorithm, outputting a final pseudo-random number and updating the first buffer area of the generation stage.
8. The method of claim 1, wherein after generating a pseudo random number from the cryptographic algorithm and the extended random entropy source sequence, the method further comprises:
performing periodic health testing on the pseudo random number;
outputting the pseudo random number if the periodic health test is passed;
otherwise, the pseudo-random number is regenerated.
9. A pseudo-random number generation apparatus, the apparatus comprising:
an acquisition unit, used for acquiring a random entropy source sequence of a computer, wherein the random entropy source sequence comprises a plurality of random entropy source information associated with computer hardware;
the expansion unit is used for carrying out expansion processing on the random entropy source sequence by utilizing a cryptographic algorithm to obtain an expanded random entropy source sequence;
and the generation unit is used for generating pseudo random numbers according to the cryptographic algorithm and the expanded random entropy source sequence.
10. An electronic device, comprising:
a processor and a memory arranged to store computer executable instructions which, when executed, cause the processor to perform the method of any of claims 1 to 8.
11. A computer readable storage medium storing one or more programs, which when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the method of any of claims 1-8.
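The min-entropy screening of claim 3 and the repetition-count health tests of claims 4 and 6, as an added example that is not part of the application. The most-common-value estimator, the reading of "repetition number" as the longest run of identical consecutive samples, the threshold values and the sample data are all assumptions chosen for illustration.

```python
import math
from collections import Counter

# Constructed sample data: one list of observations per entropy source.
POOL = {
    "pid": [4312] * 16,                                   # constant while the process lives
    "time_low_byte": [0x3A, 0x91, 0x07, 0xC4, 0x5E, 0xE2, 0x18, 0x7B,
                      0xA9, 0x20, 0xD6, 0x4F, 0x83, 0xF1, 0x6C, 0x0D],
    "os_random": [0xB4, 0x1F, 0x66, 0xD0, 0x2C, 0x95, 0xEA, 0x47,
                  0x08, 0x73, 0xBD, 0x39, 0xF8, 0x5A, 0xC1, 0x12],
}
STUCK = [0x11, 0x52, 0x52, 0x52, 0x52, 0x52, 0x9E, 0x03]  # source that sticks on one value

_NOTHING = object()  # sentinel that never equals a real sample

def min_entropy_per_sample(samples):
    """Most-common-value estimate: log2(1 / p_max), p_max = top relative frequency."""
    p_max = Counter(samples).most_common(1)[0][1] / len(samples)
    return math.log2(1 / p_max)

def screen_sources(pool, min_bits):
    """Keep only the sources whose estimated min-entropy reaches min_bits per sample."""
    return {name: s for name, s in pool.items()
            if min_entropy_per_sample(s) >= min_bits}

def longest_repetition(samples):
    """Length of the longest run of identical consecutive samples."""
    longest, run, prev = 0, 0, _NOTHING
    for s in samples:
        run = run + 1 if s == prev else 1
        prev = s
        longest = max(longest, run)
    return longest

def power_on_health_test(samples, threshold):
    """Pass when the repetition count stays below the preset threshold."""
    return longest_repetition(samples) < threshold

class ContinuousHealthTest:
    """Streaming form of the same check, fed one sample per read or per output."""

    def __init__(self, threshold):
        self.threshold, self._prev, self._run = threshold, _NOTHING, 0

    def feed(self, sample):
        self._run = self._run + 1 if sample == self._prev else 1
        self._prev = sample
        return self._run < self.threshold

if __name__ == "__main__":
    print(sorted(screen_sources(POOL, 2.0)))
    print(power_on_health_test(STUCK, 4))
    monitor = ContinuousHealthTest(4)
    print([monitor.feed(s) for s in STUCK])
```

A constant source such as the PID scores zero bits and is screened out, and a stuck source fails as soon as its run length reaches the threshold; one `ContinuousHealthTest` instance can watch pool reads and another the expanded output.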
CN202311605193.9A 2023-11-28 2023-11-28 Pseudo-random number generation method and device, electronic equipment and storage medium Pending CN117827146A (en)

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202311605193.9A CN117827146A (en) | 2023-11-28 | 2023-11-28 | Pseudo-random number generation method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN202311605193.9A CN117827146A (en) | 2023-11-28 | 2023-11-28 | Pseudo-random number generation method and device, electronic equipment and storage medium

Publications (1)

Publication Number | Publication Date
CN117827146A (en) | 2024-04-05

Family

ID=90503467

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
CN202311605193.9A Pending CN117827146A (en) | Pseudo-random number generation method and device, electronic equipment and storage medium | 2023-11-28 | 2023-11-28

Country Status (1)

Country | Link
CN (1) | CN117827146A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination