IE20000863A1 - System and method for generation of one-time sequences of uniformly distributed bits based on physical phenomena - Google Patents

System and method for generation of one-time sequences of uniformly distributed bits based on physical phenomena

Info

Publication number
IE20000863A1
IE20000863A1 IE20000863A IE20000863A IE20000863A1 IE 20000863 A1 IE20000863 A1 IE 20000863A1 IE 20000863 A IE20000863 A IE 20000863A IE 20000863 A IE20000863 A IE 20000863A IE 20000863 A1 IE20000863 A1 IE 20000863A1
Authority
IE
Ireland
Prior art keywords
processor
processes
random number
stream
binary digits
Prior art date
Application number
IE20000863A
Inventor
Gerald Staruiala
James Edward Mcroberts
Original Assignee
Gerald Staruiala
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gerald Staruiala filed Critical Gerald Staruiala
Priority to IE20000863A priority Critical patent/IE20000863A1/en
Priority to IES20010314 priority patent/IES20010314A2/en
Priority to AU46777/01A priority patent/AU4677701A/en
Priority to PCT/IE2001/000042 priority patent/WO2001073542A1/en
Priority to IE20010315A priority patent/IE20010315A1/en
Publication of IE20000863A1 publication Critical patent/IE20000863A1/en

Links

Landscapes

  • Complex Calculations (AREA)

Abstract

A method for the generation of one-time sequences of bits of arbitrary length based on the randomness of execution time allotted to threads with different priority inside a digital computer running a multitasking operative system is presented. When two or more processes are running inside a computer or other processor, the time allotted to each task depends on the load of the system at a particular instant in time. The random number generator makes use of the fact that in modern multitasking environments, the resources allocated to a process is a complex function of the state of the processor and operating system at a particular point in time to generate a random sequence of bits of arbitrary length. The random number generator phase executes two processes in parallel with different priorities assigned to them, and counts the number of cycles or iterations they were able to complete. It then compares the two cycle counts and retains the least significant bit of the difference, which is deemed to have an uncertainty of 50%. This is a particular implementation of a more general idea that links the realms of physics and information theory.

Description

The invention here makes use of the discovery that a digital computer or other processor running a modem multitasking operative system, although deterministic, is a complex enough system to be stochastic. Therefore certain measures of the internal state can be considered stochastic, and these can be used as a source of uniformly distributed random numbers.
The way in which the system of the present invention works is by indirectly measuring a quantity that depends on the state of the system (Hardware + Operative System + Applications) at a particular point in time. Because of the unlikelihood of the state of the system being exactly the same for two different instants, any function of the state of the system will be, for all practical matters, a stochastic variable. Moreover, the instantaneous parameters of its distribution (average, dispersion, etc.) can be used to assess the state of the system.
The present invention also comprises a process or method for generating random numbers for use as keys in a wide variety of applications, including, but not limited to cryptography, digital signatures, authentication, gambling, simulation, security, etc.
The uniformly distributed bits generator of the present invention executes a process that measures the performance of a given task with respect to its own application thread. The process generates a stream of binary digits by taking the least significant bit of the difference in the number of cycles allocated to tasks (sub-processes in FIG. 2) running with different priorities, and adding it to the stream. If, in the process of generating the stream, the successive differences are stored, the average and standard deviations can be calculated and used as a fingerprint for the instantaneous state of the system.
The bit-stream generated by the procedure described above, will be different each time the process is run, even if it is run in the same computer or processor.
The state of a computer system (hardware + operative systems) can be assessed by running known tasks in different threads and measuring how much resources are allocated to them.
The present bit stream generator is immune to attacks known to work with pseudo-random number generators. The functions for the primary and secondary threads can be made as light as IE Ο 8 5 8 6 j needed, depending on the computing power available, which will make possible the efficient generation of long sequences even in small programmable logic control devices. Generation of large sequences can be obtained from devices as small as four bits.
In certain applications, it will be possible to run more than one low priority thread at a time in which case many bits can be added to the stream simultaneously.
The concept can be extended to multiprocessor and/or multicomputer (network) environments. In those cases each computer/processor will be running a different thread and communicating how much of it was processed upon request of the controller computer/processor.
In this way one can add n-1 bits to the stream at a time, n being the number of processors/computers.
BRIEF DESCRIPTION QF THE DRAWINGS FIG. 1 illustrates how the bit-stream is generated by iteration of the cycle described as “process”.
FIG. 2 illustrates in detail the “process” comprised of a counter associated to the application thread and two sub-processes running in different threads with different priority. Upon completion of sub-process 1, the application checks how many cycles sub-process 2 was allotted by the thread manager. Sub-process 2 can start at any time after the application is started.
FIG. 3 illustrates an exemplary embodiment of the random number generator as a key and signature generator for a cryptographic system. In this system, communication channels A and B can be considered as the threaded process. The last bit of the difference in transmission time (δϊ) of a preestablished message between channels A and B can be added to the stream that can function as private key, and the value of At can be used to compile statistical information that can be used as signature.
IE Ο Ο Ο 8 Ο $ DESCRIPTION OF THE EXEMPLARY EMBODIMENTS Example 1 An example of the application of this method is the private key generator used by the copending application entitled “Keyless Encryption System and Method,” see Irish patent application S2000/-236, filed March 29,2000.
Example 2 Another practical example of the utility of the invention can be understood with regards to the following description. Suppose a user wants to safeguard sensitive data on storage medium. One possible safeguard will be to remove the medium and lock it in a safe to which only the user has access. Such a technique is cumbersome and expensive. By using this invention even a processor of low power can generate a large stochastic sequence of bits to be used as a one-time pad for encryption of the files. The one-time pad itself can be encrypted with a standard algorithm, see Part III of Schneier, and saved in the same medium by using a password and the system’s physical signature. This way, the contents of the files stored in the medium can be browsed only when the same system is used and the password is known.
Example 3 A further safeguard of the invention is that each set of data can be encrypted with a unique one-time pad, which is a function of the system state at the time the pad is generated. Therefore, even if a computer is stolen or hacked, it cannot be used to generate the one-time pad to decrypt the data.
Althoughfhe present invention has been described with regards to preferred embodiments, it will be clear to those skilled in the art that the invention could be used in different applications or embodiments without departing from the spirit of the invention.

Claims (25)

1. We claim:
1. A method of generating a random number as an arbitrary length sequence of binary digits (bits) based on the temporal state of a processor, said method comprising: a. initiating execution of at least one process on said processor; b. executing at least one other process on said processor such that the process of step (a) and the process of step (b) are concurrently running; c. taking a least significant bit of each of the differences in the number of cycles performed by steps (a) and each process of step (b) and adding them to form a bit stream; and d. repeating steps (a) - (c) a number of times until a desired stream length is obtained.
2. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a processor, said method comprising: a. initiating execution of at least one high priority process on said processor; b. executing at least one low priority process on said processor such that the process of step (a) and the process of step (b) are concurrently running; c. taking a least significant bit of each of the differences in the number of cycles performed by step (a) and each process of step (b) and adding them to form a bit stream; and d. repeating steps (a) - (c) a number of times until a desired stream length is obtained.
3. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a multi-processor computer system, said method comprising: a. initiating execution of at least one process on a processor of said computer system; b. executing at least one other process on another processor of said computer system; ΙΕ ο Ο Ο 8 Β Β c. taking a least significant bit of the difference in the number of cycles performed by each pair of processes in step (a) and step (b) and adding them to form a bit stream; and d. repeating steps (a) - (c) a number of times until a desired stream length is obtained.
4. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a multi-computer network, said method comprising: a. initiating execution of at least one process on a computer of said network; b. executing at least one other process on another computer of said network; c. taking a least significant bit of the difference in the number of cycles performed by each of pair of processes of steps (a) and (b) and adding them to form a bit stream; and d. repeating steps (a) - (c) a number of times until a desired stream length is obtained.
5. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a processor, said method comprising: a. initiating execution of at least one process on said processor; b. executing at least one other process on said processor such that the processes of step (a) and step (b) are concurrently running; c. allowing the processes of steps (a) and (b) to run until occurrence of a pre-determined event; d. taking a least significant bit of the difference in the number of cycles performed by each of steps (a) and (b) and adding them to form a bit stream; and e. repeating steps (a) - (d) a number of times until a desired stream length is obtained.
6. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a multi-processor computer system, said method comprising: a. initiating execution of at least one process on one processor of said computer system; b. executing at least one other process on other processors of said computer system; c. allowing the processes of steps (a) and (b) to run until occurrence of a pre-determined event; d. taking a least significant bit of the differences in the number of cycles performed by each pair of processes of steps (a) and (b) and adding them to form a bit stream; and e. repeating steps (a) - (d) a number of times until a desired stream length is obtained.
7. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a network of computer systems, said method comprising: a. initiating execution of at least one process on one processor of said network system; b. executing at least one other process on other processors of said network system; c. allowing the processes of steps (a) and (b) to run until occurrence of a pre-determined event; d. taking a least significant bit of the differences in the number of cycles performed by each pair of processes of steps (a) and (d) and adding them to form a bit stream; and e. repeating steps (a) - (d) a number of times until a desired stream length is obtained.
8. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a multi-computer network, said method comprising: a. initiating execution of a receiver process on one computer of said network; b. executing at least two other sender processes on other computers of said network such that the processes of step (b) are concurrently sending a pre-determined message to the process of step (a); c. allowing the process of step (a) to receive said message from each process of step (b); d. taking a least significant bit of the differences in transmit times for each pair of processes of step (b) and adding them to form a bit stream; and e. repeating steps (a) - (d) a number of times until a desired stream length is obtained.
9. A method of generating a random number as an arbitrary length sequence of binary digits based on the temporal state of a computer system, comprising the steps of: a. selecting a stream length that defines the length of the random number to be generated; b. initiating execution of at least one process on said computer system; c. monitoring execution of said processes for occurrence of at least one triggering event; d. taking at least one associated performance measurement when said triggering event occurs; e. adding said performance measurements to a temporally identified data set; f. iterating through steps c, d, and e until at least one stopping condition has occurred; g. repeating steps b through f until the number of performance measurements is at least one more than stream length; and h. executing a difference function over said data sets to obtain a random number as a stream length sequence of binary digits.
10. The method of claim 9 wherein: said processes are one high priority process and at least one low priority process; said triggering event is completion of said high priority process; said performance measurements are number of cycles completed by each said process; ΙΕ η n o s β j said stopping condition is completion of said high priority process; and said difference function takes least significant bits of differences in the number of cycles performed by said high priority process and each said low priority process, for each said data set, and concatenates them in temporal order to form a bit stream.
11. The method of claim 9, further comprising the step of: a. calculating distribution statistics over all said data sets for use as a fingerprint for the instantaneous state of said system.
12. The method of claim 11 wherein: said processes are at least two transmitters of a pre-established message having each said process transmitting on a separate channel; said triggering events are receipt of said message on any said channel; said performance measurements are transmission time of said message on said channel that received said message; said stopping condition is receipt of said message by all said channels; and said difference function takes least significant bits of differences in transmission times, for each said data set, and concatenates them in temporal order to form a bit stream.
13. The method of claim 9 wherein: said computer system is a multiprocessor system; and said processes are running on different processors of said computer system.
14. The method of claim 9 wherein: said computer system is a multicomputer networked system; and said processes are running on different computers of said networked system. u Ο Ο 8 S 5
15. An apparatus that generates a random number as an arbitrary length sequence of binary digits based on the temporal state of a computer system, comprising: a. at least one processor; b. a threaded process having at least two threads; c. a memory coupled to each said processor that stores instructions of said threaded process adapted to be executed by said processor: to accept a count that is a total of the number of bits to be in a generated random number, to obtain for each thread ‘count’ number of performance measurements having a predetermined statistical precision, and to construct said random number by concatenation of the least significant bit of a function of the differences between said performance measurements.
16. The apparatus of claim 15 wherein said threaded process is further adapted to fingeiprint the system with statistical information derived from said performance measurements.
17. A system that generates a random number as an arbitrary length sequence of binary digits based on the temporal state of a computer system, comprising: a. a threaded process with at least two associated threads; b. means for collecting a set of temporally based performance measurements with a predetermined statistical precision about each said thread; and c. means for creation of a random number of arbitrary length as a sequence of binary digits from a difference function applied to said set.
18. The system of claim 17, further comprising: ίΕ 0 0 0 8 6 3 d. means for creation of a fingerprint for the instantaneous state of the system from distribution statistics of said set.
19. A medium that stores instructions for generating random numbers as an arbitrary length sequence of binary digits based on the temporal state of a computer system, adapted to be executed as a threaded process by at least one processor of the computer system to perform the steps of: a. associating at least two threads with the threaded process; b. collecting a set of temporally based performance measurements with a pre-determined statistical precision for each said thread where the size of the set is equal to the length of the sequence of binary digits; c. applying a difference function to the set; and d. concatenating the least significant bit of each of the results of the difference function to create the random number as a sequence of binary digits.
20. The medium of claim 19 wherein the instructions stored and executed as the threaded process further include the step of: e. creating a fingerprint of the instantaneous state of the system from distribution statistics of said set.
21. A method of encryption comprising: employing the bit-stream generated by the method of claim 1 in an encrypting and decrypting process.
22. The method of claim 21 wherein the encrypting and decrypting process includes encrypting a key. IE Ο Ο 0 8 6 s
23. A method of simulation comprising: employing the bit-stream generated by the method of claim 1 in a simulation process.
24. A method of generating a digital signature comprising: employing the bit-stream generated by the method of claim 1 in a digital signature verifying process.
25. A method of generating an identification comprising: employing the bit-stream generated by the method of claim 1 in an access authenticating process.
IE20000863A 2000-03-29 2000-10-26 System and method for generation of one-time sequences of uniformly distributed bits based on physical phenomena IE20000863A1 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
IE20000863A IE20000863A1 (en) 2000-10-26 2000-10-26 System and method for generation of one-time sequences of uniformly distributed bits based on physical phenomena
IES20010314 IES20010314A2 (en) 2000-03-29 2001-03-29 Random Number Generation
AU46777/01A AU4677701A (en) 2000-03-29 2001-03-29 Random number generation
PCT/IE2001/000042 WO2001073542A1 (en) 2000-03-29 2001-03-29 Random number generation
IE20010315A IE20010315A1 (en) 2000-03-29 2001-03-29 Random Number Generation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
IE20000863A IE20000863A1 (en) 2000-10-26 2000-10-26 System and method for generation of one-time sequences of uniformly distributed bits based on physical phenomena

Publications (1)

Publication Number Publication Date
IE20000863A1 true IE20000863A1 (en) 2002-05-29

Family

ID=27637803

Family Applications (1)

Application Number Title Priority Date Filing Date
IE20000863A IE20000863A1 (en) 2000-03-29 2000-10-26 System and method for generation of one-time sequences of uniformly distributed bits based on physical phenomena

Country Status (1)

Country Link
IE (1) IE20000863A1 (en)

Similar Documents

Publication Publication Date Title
EP2987267B1 (en) System and methods for encrypting data
Yun et al. On protecting integrity and confidentiality of cryptographic file system for outsourced storage
WO2019166001A1 (en) Token generation and verification method and smart terminal
JP2001514834A (en) Secure deterministic cryptographic key generation system and method
AU2021200062B2 (en) Systems and computer-implemented methods for generating pseudo random numbers
JP2014075082A (en) Random number generator and random number generation method
Sleem et al. TestU01 and Practrand: Tools for a randomness evaluation for famous multimedia ciphers
Cortez et al. Cryptographic randomness test of the modified hashing function of SHA256 to address length extension attack
CN112580114B (en) Information processing method, device, equipment and storage medium
US20050010624A1 (en) Method and system for making secure a pseudo-random generator
CN112580077B (en) Information processing method, device, equipment and storage medium
WO2001073542A1 (en) Random number generation
IE20000863A1 (en) System and method for generation of one-time sequences of uniformly distributed bits based on physical phenomena
IES20010314A2 (en) Random Number Generation
IE20010315A1 (en) Random Number Generation
CN111884799B (en) CRPs library construction method and system based on RO-PUF
Wu et al. Secure key management of mobile agent system using tpm-based technology on trusted computing platform
Kitamura et al. One-time programs with cloud storage and its application to electronic money
Turakulovich et al. Comparative factors of key generation techniques
Howgrave-Graham et al. Pseudo-random number generation on the IBM 4758 Secure Crypto Coprocessor
Zahoor et al. Lightweight Authenticated Key Agreement Protocol for Smart Power Grid Systems Using PUF
Dutta et al. Key variation technique based on piggybacking strategies under public key environments
Topaloglu et al. A pseudo random number generator in mobile agent interactions
Yeh et al. S/390 CMOS cryptographic coprocessor architecture: Overview and design considerations
CN117711094A (en) Dynamic password generation method of intelligent door lock and related equipment

Legal Events

Date Code Title Description
FA9A Application withdrawn section 33(1)