TW200418266A

TW200418266A - Random number generator using audio card

Info

Publication number: TW200418266A
Application number: TW92105156A
Authority: TW
Inventors: ming-zhe Zhang; Jian-Hong Chen; geng-hao Zhang; Han-Jie Sun
Original assignee: Chunghwa Telecom Co Ltd
Priority date: 2003-03-11
Filing date: 2003-03-11
Publication date: 2004-09-16
Also published as: TW580797B

Abstract

A random number generator using audio card is disclosed, wherein the audio card widely installed on the personal computer or Unix workstation is used to extract the noise value in the microphone port as the primitive value of the random number sequence, and a procedure is performed to eliminate the concentrated distribution and the timing correlation in the noise signal, so as to obtain a real random number sequence with high quality. The principle of the present invention is based on the unpredictable property of the thermal noise in quantum mechanics. Thermal noise is extracted and used as the source of actual random number, and the characteristics of the hash algorithm such as scrambling/diffusion and compression in cryptography is utilized to relieve the concentrated distribution and the timing correlation in the noise value, and to greatly improve the statistical quality of the random number sequence. In addition, by using different sources of random number to form the random number sequence, the degree of difficulty in guessing the system random number can also be increased proportionally.

Description

200418266 (售明所屬之技術領域、先前技術、內容、實施方式及圖式簡【發明所屬之技術領域】 x 三本發明係關於一種利用音效卡的亂數產生器，特別是指一種利用個人電腦或Unix謂站上的音效卡，娜麥克解上的噪音值作Μ數序列的原始值，再經過消除噪音訊號裡集中分佈與前後相關性之處理，以得到高品質的真實亂數序列之亂數產生器。【先前技術】一個高品質的亂數產生器在許多應用系統上都扮演著十分重要的角色，例如：保密安全系統、電腦遊戲、彩卷選取、系統模擬等。目前電腦系統中所使用的亂數可分成兩類··以軟體演算法製作的虛擬亂數，以及利用硬體上峨機事件·狀資料#健魏數絲源。趣紐雖可擁有若干統計分佈上的良好表現，但它在本質上屬於可預期的產出。特定的初始值就產生特定的虛擬亂數值，其隨機性並不比某一自然數列好多少。再者，不可預測的亂數在許多應用系統中都佔有關鍵性的地位，例如：密碼演算所需的金鑰，即應具有無__性質，才能確保系統的安全。然而在一般電腦系統上所產生的亂數是採軟體演算法由給定的起始值算出亂數值，這種看起來雜亂的數值卻是依序排列缺乏隨機性可言，以現在的電腦效率已經可以在合理時_完成分析並_其亂數之規律。真正隨機產生而無任何規則性可供預測的亂數需要利用硬體來產生，例如使用電子元件的熱雜訊當作亂數源，即是基於量子力學的測不準理論中電子自由運動之不可預測性。然而要如何在—般電腦環境中收㈣子元件上的熱雜訊 3續次頁（發明說明頁不敷使用時，請註記並使用續頁） 200418266 發明說劈繪裒卻非易事’ -般是利用專屬的硬體插在Rs_232或USB阜，再透過驅動程式擷取硬體產生的雜訊，但這麼做卻增加了硬體及安裝方面的成本及不' 便。而有鑒於高品質亂數在電腦系統中的日益重要，祕公司於以後的版本也在CPU上提供硬體產生的真實亂數魏，細它仍需要安裝亂數驅動程式並加以設定，也有若干的不便之處。由此可見，上述習用技術仍有諸多缺失，實非一良善之設計者，而亟待加以改良。本案發明人鑑於上述習用亂數產生方式所衍生的各項缺點，乃亟思加讀以改良創新，並經多年苦心孤詣潛心研究後，終於成功研發完成本件利用音效卡的亂數產生器。【目的】本發明之目的即在於提供一種利用音效卡的亂數產生器，係利用個人電腦或Unix工作站上普遍裝設的音效卡，擷取麥克風阜上的噪音值作為亂數序列的來源，無須另外安裝特定之驅動程式或進行任何設定，大為改盖了使用上的便利性且仍具備無可預測的硬體亂數品質，此外，在去除噪音耀訊號的偏離性之處理上，採取理論及實驗分析所得之結果以設計後處理功能，於最佳的亂數品質下兼顧系統之效能。本發明之次一目的係在於提供一種利用音效卡的亂數產生器，係採取無法預測的熱雜訊作為亂數原始值’再利用審慎設計的密碼學雜湊演算法進行訊號的雜亂化，所得到的真實亂數序列在各種主要的隨機度評比指標上都具備優良的表現。 □續次頁 (發明說明頁不敷使用時，請註記並使用續頁）200418266 (Sales of the technical field, prior art, content, implementation, and drawings of the sales [Technical Field to which the Invention belongs] x The present invention relates to a random number generator using a sound card, especially a personal computer Or the sound card on the Unix station, the noise value on the Namac solution is used as the original value of the M-number sequence, and then the concentrated distribution and the back-and-forth correlation in the noise signal are eliminated to obtain a high-quality chaos of the real random number sequence. Number generator. [Previous technology] A high-quality random number generator plays a very important role in many application systems, such as: security systems, computer games, color selection, system simulation, etc. Currently in computer systems The random numbers used can be divided into two categories: · Virtual random numbers produced by software algorithms, and the use of Emei events on the hardware · Shape data # 健魏数丝源. Although Qunew can have some good performance in statistical distribution , But it is a predictable output in nature. A certain initial value produces a certain virtual disorder value, and its randomness is no better than a certain natural number How much better. In addition, unpredictable random numbers occupy a critical position in many application systems, such as: The keys required for cryptographic calculations should have no __ nature in order to ensure the security of the system. However, in general The random numbers generated on the computer system are calculated by software algorithms from a given starting value. This kind of seemingly random values are arranged in order and lack randomness. At present, computer efficiency can already be used in When it is reasonable _ to complete the analysis and _ its law of random numbers. Random numbers that are really randomly generated without any regularity to be predicted need to be generated by hardware, such as using thermal noise from electronic components as a source of random numbers, which is based on Unpredictability of electron free movement in the theory of uncertainty of quantum mechanics. However, how to collect thermal noise on the radon element in a general computer environment 3 Continued pages (when the invention description page is insufficient, please note and (Using continuation page) 200418266 Invented that splitting and drawing is not easy.-Generally, the dedicated hardware is inserted into Rs_232 or USB, and then the noise generated by the hardware is captured by the driver, but this is done. However, it increases the cost and inconvenience of hardware and installation. In view of the increasing importance of high-quality random numbers in computer systems, the secret version of the company also provides real random numbers generated by the hardware on the CPU in future versions. It still needs to install and set random number driver, and there are some inconveniences. It can be seen that there are still many shortcomings in the above-mentioned conventional technology, which is not a good designer, and it needs to be improved. In view of the above Various shortcomings derived from the conventional random number generation method are eager to read for improvement and innovation, and after years of painstaking research, finally successfully developed this random number generator using a sound card. [Objective] The purpose of the present invention That is to provide a random number generator using a sound effect card. The sound effect card commonly installed on a personal computer or a Unix workstation is used to capture the noise value on the microphone as the source of the random number sequence. There is no need to install a specific driver. Or make any settings, which greatly changes the convenience of use and still has unpredictable hardware random quality. In addition, In addition to the treatment of noise Yao Deviation signals, take the results of theoretical and experimental analysis of the obtained processing functions designed to take into account the system performance at the best quality random number. A second object of the present invention is to provide a random number generator using a sound card, which uses unpredictable thermal noise as the original value of the random number, and then uses a carefully designed cryptographic hash algorithm to scramble the signal. The obtained real random number sequence has excellent performance on various main randomness evaluation indexes. □ Continued pages (If the description page of the invention is insufficient, please note and use the continued pages)

本發明之另一目的係在於提供一種利用音效卡的亂數產生器係利用 512位元的單向雜湊演算法進行亂數序列的後處理作業，不僅提高亂數的品質指標值’也消除了反向破解出原始噪音序列的可能。此外又讀取系統的高解析度時間值與亂數輸纽進行遮罩處理，更增加亂數序列職測困難度。可達成上述發明目的之利用音效卡的亂數產生器，係藉由下列原理達成：量子力學的測不準原理中電子自由運動之不可預測性，擷取熱雜訊以< 獲仔P通機亂數之初始值，猎碼學之雜凑函式所具備的混淆、擴散及壓縮等性質，以去除噪音訊號的偏離分佈情形。此外這種雜湊函式所具備的單向性’亦可消除反向推异出原始噪音值的可能；結合數個不同的隨機亂數來源以組成最終亂數序列，可以等比例提高系統亂數的猜測困難度。就這些原理和若干實驗結果及其應用分述如丁：一、熱雜訊（Thermal Noise 或 White Noise): 熱雜訊是由J.BJ〇hns〇n所發現的，也可稱為J〇hns〇n n〇ise，此種雜嫌訊源自於電阻性元件内部電子之隨機移動所產生，其強度與電阻的環境絕對溫度成正比；這種雜訊之存在可由下列實驗得知：將一未連接任何電源的一般電阻裝置在室溫環境中，這時候此電阻應是量測不到任何電壓值才對，但不用直流電壓表而改以一精密的電子電壓表則可量測到存在著一隨機之電壓值。這種熱雜訊依據量子力學的測不準原理，具有真正不可預測的隨機性。 □續次頁 (發明說明頁不敷使用時，請註記並使用續頁） 200418266 發明說 r , ¢- ‘ 〜熱雜訊一般可由如下公式表示： v» =4kTR(f) 、其中&為熱雜訊所產生電壓降之平均平方值；k為波茲曼常數=ι. 38 X 1〇 J/ K;T為絕對溫度；[為響應的頻率；R(f)為光電元件之阻抗值，一般為頻率之函數；為頻帶寬。設R(f)為定值，令R(f)=R，△£ =B，則上式之雜訊可由一個等效電路來代表，其中電壓源為熱雜訊=4kTRB=Kw2，或電流源為is2 = 4KTB/R。二、音效卡插上麥克風與與否對亂數值的影響：馨分別測試：（1)不插麥克風；（2)插上麥克風但無聲音輸入；（3)插上麥克風但給予單調聲音輸入；（4)插上麥克風且給予富於變化的聲音輸入；等四種情形進行輸入訊號的亂數值分析，獲知以第(4)種情形所得的訊號最富隨機丨生’接著是(3)及(2)的情形’最後才是(1)的情形。但這四者的差距不大，尤其對於chi-square分佈的指標而言並無不同。因此，本發明的設計可以忽略音效卡上是否有插麥克風這個因素，但卻需偵測音效卡的硬體是否失常而產生固定的輸入訊號，因為在這種特殊鲁的狀況下所獲得的亂數序列就無法擁有良好的隨機性質。三、雜凑函數之輸出/入長度對亂數值的影響：一個亂數序列的熵值(Entropy)依據資訊理論中熵的公式為： H-I[Pi*(-log Ρ〇] 即累計每一個可能輸出之機率乘上其負丨哗值。於是可以猜想，是否愈長的雜湊輸入值以及愈長的雜湊輸出值能夠改善亂數序列的品質。 ]續次頁（發明說明頁不敷使用時，請註記並使用續頁） 200418266Another object of the present invention is to provide a random number generator using a sound card to perform a post-processing operation of a random number sequence by using a 512-bit one-way hash algorithm, which not only improves the quality index value of random numbers, but also eliminates The possibility of cracking the original noise sequence in reverse. In addition, the high-resolution time value of the system and the random number input button are read for mask processing, which further increases the difficulty of the occupational test of the random number sequence. The random number generator using a sound card that can achieve the above-mentioned object of the invention is achieved by the following principles: Unpredictability of the free movement of electrons in the uncertainty principle of quantum mechanics, the thermal noise is captured to obtain the P-pass The initial value of the random number and the confusion, diffusion, and compression properties of the hash function of the hunting code science, to remove the deviation distribution of the noise signal. In addition, the one-way nature of this hash function can also eliminate the possibility of backward inference of the original noise value; combining several different random random number sources to form the final random number sequence can increase the system random number in proportion. Difficulty of guessing. These principles and several experimental results and their applications are described in detail as follows: 1. Thermal Noise (Thermal Noise or White Noise): Thermal noise is discovered by J.BJ.hns〇n, also known as J. hns〇nn〇ise, this kind of noise comes from the random movement of electrons inside the resistive element, and its strength is proportional to the absolute temperature of the resistance environment; the existence of this noise can be known by the following experiments: The general resistance device without any power supply is at room temperature. At this time, this resistance should not measure any voltage value, but it can be measured by using a precise electronic voltmeter instead of a DC voltmeter. With a random voltage value. This thermal noise is based on the uncertainty principle of quantum mechanics and has truly unpredictable randomness. □ Continued pages (When the description page of the invention is not enough, please note and use the continuation page) 200418266 The invention says that r, ¢-'~ Thermal noise can be generally expressed by the following formula: v »= 4kTR (f), where & is The average squared value of the voltage drop caused by thermal noise; k is the Boltzmann constant = ι. 38 X 1〇J / K; T is the absolute temperature; [is the frequency of the response; R (f) is the impedance value of the photovoltaic element Is generally a function of frequency; it is the frequency bandwidth. Let R (f) be a fixed value, let R (f) = R, △ £ = B, then the noise of the above formula can be represented by an equivalent circuit, where the voltage source is thermal noise = 4kTRB = Kw2, or current The source is is2 = 4KTB / R. Second, the effect of the sound card with or without a microphone on the chaotic value: Xin test separately: (1) without a microphone; (2) with a microphone but no sound input; (3) with a microphone but a monotone sound input; (4) Plug in the microphone and give a variety of sound input; wait for four cases to perform random numerical analysis of the input signal, and learn that the signal obtained in the (4) case is the richest random signal. Then follow (3) and Case (2) 'is the last case (1). But the difference between the four is not large, especially for the index of chi-square distribution. Therefore, the design of the present invention can ignore the factor of whether a microphone is inserted into the sound card, but it is necessary to detect whether the hardware of the sound card is abnormal and generate a fixed input signal, because the chaos obtained in this special situation Number sequences cannot have good random properties. 3. The influence of the input / output length of the hash function on the random value: The entropy value of an random number sequence (Entropy) is based on the formula of entropy in information theory: HI [Pi * (-log 〇) accumulates every possible The probability of the output is multiplied by its negative value. So you can guess whether the longer the hash input value and the longer the hash output value can improve the quality of the random number sequence.] Continued page (when the invention description page is insufficient, Please note and use continuation pages) 200418266

觀測本發明的亂數後處理程序中之雜凑函式在：（1)不同的輸入資料長度· (2)不同的輸出雜湊值長度；等兩種情形下對於亂數品質的影響。結果顯示，、輸入資料在超過某一長度(數個位元組)後對於亂數的品質並無顯著影響。然而，不同的輸出雜湊值長度會影響亂數的熵值，越長的雜湊值得到越高的熵值。但是雜湊值長度對於亂數序列的Chi Square分佈值而言，則無顯著影響。因此，本發明可採用較長的雜湊函式進行亂數序列的後處理作業，以獲得較佳的亂數品質。至於輸入資料的長度雖然在理論上增加其值可以提昇亂數的隨機性，但通常於超過某一長度之後(因不同的作業系統及音效卡設定而異)就不會有顯著的改進效果了。而在實務設計上，輸入資料的長度通常也不會小到對亂數品質有影響的程度。故對於雜湊函數的輸入資料長度’應該在滿足系統效能需求的情形下盡量增加其值。【較佳實施例】本發明利用音效卡以產製高品質的亂數序列，產製過程可分為兩個程序，即熱雜擷取程序與亂數值後處理程序。熱雜訊擷取程序利用普遍裝置於個人電腦或工作站上的音效卡，在不需插上麥克風的情況下讀取聲音擊訊號’並判斷輸入訊號之正常與否。後處理程序則將這些熱雜訊進行去偏離化處理，以獲得高品質且無可預測的亂數序列。一、熱雜訊操取程序：首先從音效卡讀取某一資料長度的聲音訊號， INaud = ReadMicrophone(INPUT BUFFER SIZE) 取八⑽表示輸入音效卡的噪音值，INPUT_BUFFER_SIZE則為每次讀取的資料長度’可在系統安裝之時設定，其最大值需視系統產生最終亂數的 □續次頁（翻麵頁不敷麵時，請ϋ記並使臓頁） 200418266 發明咖續頁速率需求而定，最小值則視麥克風訊號的變化週期及亂數後處理的雜凑函式長度而定，決定長度的原則是，若音效卡上的訊號在某一取樣長度下沒有足夠的變化型態，則這個長度應定為INPUT一BUFFERJSIZE的最小值以求取亂數之隨機性，且這個最小值也應大於亂數後處理的雜湊函式長度；但是INPUT—BUFFER一SIZE愈大則系統產生亂數序列的速度也就愈慢，於是須在這兩個因素之間作一個權衡以定出適當的INPUT_BUFFER_SIZE，需要愈多的隨機性之應用系統可增加INPUT_BUFFER-SIZE，而講求系統執行效能者則採取最小值。亦即： 512 bits S INPUT一BUFFER SIZE $ INPUT_BUFFER SIZE for minimum RNG speed 為了幫助使用者在安裝本亂數產生器系統時，能有效的設定 INPUT一BUFFER一SIZE值，本發明提供一個麥克風訊號分析的工具程式，以利於安裝過程中找出最佳的INPUT-BUFFER-SIZE值；這個工具是參考麥克風輸入訊號的Entropy值，連續測試不同的讀取長度(從64測試到256 位元組，以32位元組為增加之單位)所產生的Entropy值，然後找出可在較短之讀取長度下製造最大Entropy值的INPUT-BUFFER一SIZE當作參數，並寫入系統的組態設定檔；如果系統在此一讀取長度設定下執行效能太慢，則使用者可以自行編輯此一組態設定檔，減少inputjbuffER_size 值以獲得所需的執行效能。在系統初次執行讀取這些輸入訊號時，將進行一個訊號值的分析以判斷麥克風是否處於正常狀況而能提供隨機的熱雜訊，以免因為音效卡硬體的故障造成亂數品質的低劣；判斷的方法則以訊號之前後相關性為依據， G]續次頁（發明說明頁不敷使用時，請註記並使用續頁） 11 200418266Observe the hash function in the random number post-processing program of the present invention in: (1) different input data lengths; (2) different output hash value lengths; and the influence on the quality of random numbers in two cases. The results show that after the input data exceeds a certain length (several bytes), there is no significant effect on the quality of random numbers. However, different output hash value lengths will affect the entropy of random numbers. The longer the hash value, the higher the entropy value. But the hash value length has no significant effect on the Chi Square distribution value of the random sequence. Therefore, the present invention can use a longer hash function to perform the post-processing operation of the random number sequence to obtain better random number quality. As for the length of the input data, although theoretically increasing its value can increase the randomness of random numbers, usually it will not have a significant improvement after it exceeds a certain length (depending on different operating systems and sound card settings). . In practical design, the length of input data is usually not small enough to affect the quality of random numbers. Therefore, the input data length of the hash function should be increased as much as possible in the case of meeting system performance requirements. [Preferred Embodiment] The present invention uses a sound effect card to produce a high-quality random number sequence. The production process can be divided into two procedures, namely, a thermal miscellaneous fetching procedure and a random value post-processing procedure. The thermal noise acquisition program uses a sound card that is commonly installed on a personal computer or workstation to read the sound hit signal without plugging in a microphone and determine whether the input signal is normal or not. The post-processing program depolarizes these thermal noises to obtain high-quality and unpredictable random numbers. I. Thermal noise processing procedure: First read the sound signal of a certain data length from the sound card. INaud = ReadMicrophone (INPUT BUFFER SIZE) Take ⑽ to indicate the noise value of the input sound card, and INPUT_BUFFER_SIZE is read each time. Data length 'can be set at the time of system installation, and its maximum value depends on the system generating the final random number of continuation pages (when turning pages is not enough, please remember and make the title page). The minimum value depends on the change period of the microphone signal and the length of the hash function after the random number is processed. The principle of determining the length is that if the signal on the sound card does not have enough change patterns under a certain sampling length , Then this length should be set to the minimum value of INPUT-BUFFERJSIZE to obtain randomness of random numbers, and this minimum value should also be greater than the length of the hash function processed after the random numbers; The speed of the random number sequence is also slower, so a trade-off must be made between these two factors to determine the appropriate INPUT_BUFFER_SIZE. Application systems that require more randomness can increase IN PUT_BUFFER-SIZE, and those who are concerned with the performance of the system take the minimum. That is: 512 bits S INPUT_BUFFER SIZE $ INPUT_BUFFER SIZE for minimum RNG speed In order to help users effectively set the INPUT_BUFFER_SIZE value when installing the random number generator system, the present invention provides a microphone signal analysis Tool program to help find the best INPUT-BUFFER-SIZE value during the installation process; this tool refers to the Entropy value of the microphone input signal and continuously tests different read lengths (from 64 to 256 bytes, with 32 Bytes are incremented units), and then find the INPUT-BUFFER_SIZE which can produce the largest Entropy value in a shorter read length as a parameter, and write it into the system configuration file; If the system's execution performance is too slow under this read length setting, users can edit this configuration profile by themselves to reduce the inputjbuffER_size value to obtain the required execution performance. When the system reads these input signals for the first time, a signal value analysis will be performed to determine whether the microphone is in a normal state and can provide random thermal noise, so as to avoid the poor quality of random numbers caused by the failure of the sound card hardware; judgment The method is based on the correlation between the front and back of the signal. G] Continued pages (If the description page of the invention is insufficient, please note and use the continued pages) 11 200418266

若 INaud 的相關係數(Serial correlation coefficient)絕對值大於〇 9則應視為硬體故障，系統_姆的錯誤訊息鱗止執行；若相祕數的絕對值介於、 0.7和0.9之間，職續讀取更多樣本訊號以進_步_之。If the absolute value of the serial correlation coefficient of INaud is greater than 〇9, it should be regarded as a hardware failure, and the error message of the system is not executed. If the absolute value of the phase secret number is between 0.7 and 0.9, Continue to read more sample signals to proceed.

ComputeCorrelationCoefficient 輸入噪音值的相關係數iNscc (INaud);若持續取樣所獲得的相關係數絕對值都是介於〇 7和〇 9之間則系統在取樣測試5次之後即傳回錯誤訊息並終止執行。二、亂數值之後處理：亂數後處理程序利用密碼學中的雜湊演算法所具有的混淆、擴散及壓φ 縮等特性，以解除嗓音輸入值之集中分佈與前後相關性，並可大幅改進亂數序列統計上的品質。ComputeCorrelationCoefficient The correlation coefficient iNscc (INaud) of the input noise value; if the absolute value of the correlation coefficient obtained by continuous sampling is between 〇7 and 〇09, the system will return an error message and terminate the execution after 5 sampling tests. Second, post-processing of random values: The post-processing program of random numbers uses the characteristics of confusion, diffusion, and compression of the hash algorithm in cryptography to eliminate the centralized distribution of voice input values and the front-back correlation, and can greatly improve Statistical quality of random numbers.

Outhash = SHA_512 (INaud)Outhash = SHA_512 (INaud)

Outhash表示經過SHA1的512位元雜湊演算法運算之後所得之亂數輸出值，輸入訊號的INaud長度不應小於512位元，以免降低〇uthash輸出值的隨機度。此外為了增加亂數序列的猜測難度，另行讀取系統的高解析度時間，僅取秒以下的數值進行SHA-1運算。 |Outhash indicates the random number output value obtained after the 512-bit hash algorithm operation of SHA1. The INaud length of the input signal should not be less than 512 bits, so as to avoid reducing the randomness of the output value of 0uthash. In addition, in order to increase the difficulty of guessing the random number sequence, the high-resolution time of the system is read separately, and the value of less than seconds is used for SHA-1 calculation. |

Timehash = SHA」（SysTimehigh一res) 此時將系統秒以下的高解析度時間SysTimehigh」es進行SHA-1運算，取得160bit的雜湊值Timehash再與前面所得的Outhash作XOR運算處理，這個 XOR運算並不作資料的填充(padding)處理。Timehash = SHA "(SysTimehigh_res) At this time, the high-resolution time SysTimehigh" es below the system second is subjected to SHA-1 operation to obtain a 160-bit hash value Timehash and XOR operation with Outhash obtained previously. This XOR operation and No padding of data is performed.

RandomOutput = Outhash XOR Timehash 因此本亂數產生器利用音效卡上的熱雜訊所產生的亂數輸出值長度達 512位元，如果仍不足應用系統所需亂數的長度’則應用系統僅需重複啤叫續次頁（發明說明頁不敷使用時’請註記並使用續頁） 12 200418266 翁明本亂數產生器，即可獲得所需的亂數長度。一般而言這個輸出值會具有如下的亂數品質指標：RandomOutput = Outhash XOR Timehash. Therefore, the random number generator uses the thermal noise on the sound card to generate random output values up to 512 bits. If the random number length is still not enough for the application system, then the application system only needs to repeat. Beer call continuation page (when the description page of the invention is insufficient, please note and use the continuation page) 12 200418266 Weng Ming random number generator, you can get the required random number length. Generally speaking, this output value will have the following random quality indicators:

Entropy 值 Chi square 分佈之亂數預測值算術平均值 Monte Carlo 圓周率相關係數約98% 25 〜75% 97 〜990/〇正確率 0· 5〜4.0% 錯誤率約 0.01 上述的Entropy值指出亂數的資訊密集度，理論上愈趨近於1〇〇%代表鲁愈少重複多餘的資訊，也就是愈具有理想的雜亂度；Chi square分佈之亂數預測值可用以分辨某亂數序列是屬於可預期的虛擬亂數序列，或是屬於難以預測的真實亂數輸出，如果算出的Chi square預測值大於99%或小於 1% ’則表示此亂數序列幾可確定為非隨機性輸出，若其值介於95%和99% 之間或是介於1%和5%之間，則亂數序列也是不夠隨機的，較理想的Chi square預測值應介於10%到90%之間，大量地比較虛擬亂數序列與硬體真實亂數序列所測得的Chi square值，證實Chi square分佈之亂數預測值適於修作為區別虛擬亂數的指標。本發明產製的亂數序列，其chisquare預測值在 25〜75°/。之間，亦即具有隨機的不可預測性。本發明產生亂數序列的作業流程可分為：熱雜訊擷取及亂數值之後處理兩個程序。此外還有設定系統每次讀取麥克風訊號長度的作業。茲分述其流程如下：一、麥克風訊號讀取長度之設定流程（如圖一所示）·· ]續次頁（翻說贿不敷使觸，請註記避臓頁） 13 200418266Entropy value Chi square distribution of random numbers Predicted values Arithmetic mean Monte Carlo Peripheral correlation coefficient is about 98% 25 to 75% 97 to 990 / 〇 Correct rate 0 · 5 to 4.0% Error rate about 0.01 The above Entropy value indicates the Information density, in theory, closer to 100% means that Lu has less redundant information, that is, the ideal degree of clutter; the random number prediction value of the Chi square distribution can be used to distinguish whether a random number sequence belongs to Expected virtual random number sequence, or real random number output that is difficult to predict. If the calculated Chi square prediction value is greater than 99% or less than 1%, it means that this random number sequence can be determined as a non-random output. If the value is between 95% and 99% or between 1% and 5%, the random number sequence is not random enough. The ideal Chi square prediction value should be between 10% and 90%. The Chi square value measured by the virtual random number sequence and the real random number sequence of the hardware is compared, and it is confirmed that the predicted value of the random number of the Chi square distribution is suitable to be used as an index to distinguish the virtual random number. The random number sequence produced by the present invention has a predicted chisquare value of 25 to 75 ° /. Between, that is, random and unpredictable. The operation flow for generating random number sequences in the present invention can be divided into two procedures: thermal noise acquisition and random value processing. There is also the operation of setting the system to read the length of the microphone signal each time. The process is described as follows: 1. The setting process of the microphone signal reading length (as shown in Figure 1) ...] Continued on the next page (turning over the bribe is not enough, please note to avoid the title page) 13 200418266

1·執行迴圈以紀錄麥克風雜訊的Entropy值，讀取長度從64到256位元組，每次增加32位元組； 2·依給疋長度讀取麥克風訊號三次，計算其£ntr〇py的平均值和加權值，權值的异法為，W = E+17/ L。其中的E表示Entropy平均值，L表示讀取訊號長度；紀錄這些數據於資料結構中； 3·從所有的分析紀錄中找到加權值最大的3筆，依照遞減次序寫入系統組悲檔，寫入格式為· L=dd，E=d.dd，W=d。（d表示數字）二、熱雜訊擷取流程（如圖二所示）： 1·如果是第一次被呼叫，讀取系統組態設定檔以獲得 INPUT一BUFFER—SIZE 值； 2·依據系統組態檔的訊號輸入長度，讀取麥克風上的熱雜訊取他。二 KeadMierophaneONPUT一BUFFER—SIZE);如果是第一次執行亂數產生函式’則需執行3·以進行麥克風硬體狀態之分析，否則跳至4·; 3·計算輸入訊號值的相關係數絕對值，若其值大於〇 9則應視為硬體故障，系統傳回相對的錯誤訊息並終止執行； INscc = ComputeCorrelationCoefficient(INAUD)；1. Perform a loop to record the Entropy value of the microphone noise, read the length from 64 to 256 bytes, and increase 32 bytes each time; 2. Read the microphone signal three times according to the length, and calculate its £ ntr. The average and weighted value of py, the weight of the difference is W = E + 17 / L. Among them, E means the average value of Entropy, and L means the length of the read signal; record these data in the data structure; 3. find the 3 most weighted values from all analysis records, write them to the system group tragedy file in descending order, write The input format is · L = dd, E = d.dd, W = d. (D indicates the number) 2. The thermal noise acquisition process (as shown in Figure 2): 1. If it is the first time to call, read the system configuration configuration file to obtain the INPUT_BUFFER_SIZE value; 2. The length of the signal input of the system configuration file. Read the thermal noise on the microphone to get it. (2 KeadMierophaneONPUT_BUFFER_SIZE); if it is the first time that the random number generation function is executed, you need to perform 3 · to analyze the microphone hardware state, otherwise skip to 4 ·; 3 · calculate the absolute correlation coefficient of the input signal value Value, if its value is greater than 0, it should be regarded as a hardware failure, the system returns a relative error message and terminates execution; INscc = ComputeCorrelationCoefficient (INAUD);

If (INscc >= 0.9) return HW ERROR ;If (INscc > = 0.9) return HW ERROR;

If(〇.7<INscc<〇.9){TRY^NO ++ ; if (TRY N〇 > 5) retum HW—ERROR ; GOTO 步驟 3 ; }; 右相關係數的絕對值介於0.7和〇·9之間，則繼續讀取更多樣本訊號以進一步判別硬體狀態；低於07的絕對值則屬於硬體正常的狀態， D續次頁（發明說明頁不敷使用時，請註記並使用續頁） 200418266If (〇.7 < INscc < 〇.9) {TRY ^ NO ++; if (TRY N〇 > 5) retum HW_ERROR; GOTO step 3;}; The absolute value of the right correlation coefficient is between 0.7 and 〇 · Between 9, continue to read more sample signals to further determine the state of the hardware; absolute values below 07 belong to the normal state of the hardware, D continued pages (when the invention description page is insufficient, please note and Use continuation page) 200418266

通過音效卡之測试，並標示硬體狀態的判斷旗標。若持續取樣所獲得的相關係數珊值都是介於〇·7和〇·9之間，系統在取樣職5次之後即傳回錯誤訊息並終止執行； 4·儲存輸入訊號值，完成熱雜訊操取程序。二、亂數後處理（如圖三所示）： 1·計算熱雜訊資料的SHA-1 512bit雜湊函式值： Outhash == SHA—512 (INaud); 2.讀取系統的高解析度時間，僅取秒以下的數值，進行SHA_1運算；這個秒以下的高解析度時間’在Unix上可達到nan〇sec〇nd而wind〇ws系統也可達到millisecond的精確度；Pass the test of the sound card and mark the flag of the hardware status. If the correlation coefficients obtained by continuous sampling are between 0.7 and 0.9, the system will return an error message and terminate the execution after 5 samplings. 4. Store the input signal value to complete the thermal noise Information operation procedures. 2. Random number post-processing (as shown in Figure 3): 1. Calculate the SHA-1 512bit hash function value of the thermal noise data: Outhash == SHA—512 (INaud); 2. Read the high resolution of the system Time, just take the value below second and perform SHA_1 operation; the high-resolution time below this second can reach nan〇sec〇nd on Unix and millisecond accuracy on wind〇ws system;

Timehash = SHA—1 (SysTimehigh—res); 3. 將步驟1.的雜凑值與步驟2·所得之高解析度時間的雜凑值作職運算，這個運算並不作資料的填充(padding)處理；Timehash = SHA—1 (SysTimehigh—res); 3. The hash value of step 1. and the hash value of the high-resolution time obtained in step 2 are used as a post operation. This operation does not perform data padding. ;

RandomOutput = Outhash XOR Timehash ; 4. 清除輸入訊號值，將步驟3.所得結果當作輪出值傳回；完成亂數後處理程序。本發明之較佳之實例：本發明之亂數產生器可細於SSL伺歸·手協商及錢產製程序中，以滿足亂數產生器的速率及品質上之要求。其程序如下 SSL伺服器續次頁（發明說明頁不敷使用時，請註記並使用續頁） 200418266RandomOutput = Outhash XOR Timehash; 4. Clear the input signal value and return the result obtained in step 3. as a round-robin value; complete the random post-processing procedure. The preferred example of the present invention: The random number generator of the present invention can be fine-tuned in the procedures of SSL return and hand negotiation and money production system to meet the speed and quality requirements of the random number generator. The procedure is as follows: SSL server Continued page (When the description page of the invention is insufficient, please note and use the continued page) 200418266

步驟一：接收客戶端傳至的Hello訊息；Step 1: Receive the Hello message from the client;

ClientHello ◄- 步驟二：因為是SSL饲服器第一次執行音效卡亂數功能，需讀取系統組態設定樓以獲得INPUT—BUFFER—SIZE參數值；步称三：系統呼叫音效卡亂數產生器的熱雜訊擷取功能 INaud = ReadMicrophone(INPUT_BUFFER SIZE)；步驟四：因為是第一次執行音效卡亂數功能，需計算訊號的相關係數絕對值以判斷硬體狀態相關係數絕對值；ClientHello ◄- Step 2: Because it is the first time that the SSL feeder performs the random number function of the sound card, you need to read the system configuration setting building to obtain the INPUT_BUFFER_SIZE parameter value. Step 3: The system calls the random number of the sound card The thermal noise acquisition function of the generator INaud = ReadMicrophone (INPUT_BUFFER SIZE); Step 4: Because this is the first time that the random number function of the sound card is executed, the absolute value of the correlation coefficient of the signal needs to be calculated to determine the absolute value of the correlation coefficient of the hardware state;

INscc = ComputeCorrelationCoefFicient(INAUD)；INscc = ComputeCorrelationCoefFicient (INAUD);

If (INscc >= 0.9) return HW^ERROR;If (INscc > = 0.9) return HW ^ ERROR;

If (0.7< INscc <0.9) { TRY NO ++;If (0.7 < INscc < 0.9) {TRY NO ++;

If (TRY—NO > 5) return HWJERROR; GOTO步驟三；設定硬體檢驗旗標； □續次頁 (發明說明頁不敷使用時，請註記並使用續頁） 16 200418266If (TRY—NO > 5) return HWJERROR; GOTO Step 3; Set hardware inspection flag; □ Continued page (If the description page of the invention is insufficient, please note and use the continued page) 16 200418266

步驟五：計算熱雜訊資料的SHA-i 512bit雜凑函式值 Outhash = SHA J12 (INaud)；步驟六：讀取系統秒以下的高解析度時間，進行SKA-1運算，取得祕红的雜湊值Step 5: Calculate the SHA-i 512bit hash function value of the thermal noise data Outhash = SHA J12 (INaud); Step 6: Read the high-resolution time below the system second, and perform SKA-1 operation to obtain the secret red Hash value

Timehash = SHA—l (SysTimehigh res);Timehash = SHA—l (SysTimehigh res);

步驟七：將步驟四的訊號雜湊值與步驟五所得之高解析度時間的雜湊值作 XOR運算，在此不作資料的長度填充處理；Step 7: Perform the XOR operation on the hash value of the signal in step 4 and the hash value of the high-resolution time obtained in step 5, and do not perform data length padding processing here;

RandomOutput = Outhash XOR Timehash ; 步驟八：RandomOutput = Outhash XOR Timehash; Step 8:

ServerHello.random = RandomOutput ；接著SSL伺服器以步驟六所得之亂數值組成回應的Hello訊息，回傳給客戶端。 SSL伺服器ServerHello.random = RandomOutput; then the SSL server composes a Hello message in response with the random value obtained in step 6 and sends it back to the client. SSL server

SSL 客SSL guest

ServerHelloServerHello

ServerHelloDone 續次頁（發明說明頁不敷使用時，請註記並使用續頁) 17 200418266 發_|誠 ---^ L--- 本發明所提供之利用音效卡的亂數產生器，與其他習用技術相互比較、時’更具有下列之優點：一、本發明利用音效卡的亂數產±器，係利用個人電腦或—工作站上普遍裝音效卡，麥克風阜上的嗓音值作為亂數糊的來源，無須另外安裝特定之驅動程式或進行任何設定，大為改善了使用上的便利性且仍具備無可酬的硬體練品質，此外，在去_音城的麟性之處理上，採取理論及實驗分析所得之結果以設計後處理功能，於最佳的亂數品質下兼顧系統之效能。二'本發明利用音效卡的亂數產生器，係採取無法預測的熱雜訊作為亂數原始值，再利用審慎設計的密碼學雜湊演算法進行訊號的雜亂化，所得到的真實亂數序列在各種主要的隨機度評比指標上都具備優良的表現。三、本發明利用音效卡的亂數產生器，係利用512位元的單向雜湊演算法進行亂數序列的後處理作業，不僅提高亂數的品質指標值，也消除了反向破解出原始噪音序列的可能。此外又讀取系統的高解析度時間值與亂鲁數輸出值進行遮罩處理，更增加亂數序列的猜測困難度。上列詳細說明係針對本發明之一可行實施例之具體說明，惟該實施例並非用以限制本發明之專利範圍，凡未脫離本發明技藝精神所為之等效實施或變更，均應包含於本案之專利範圍中。綜上所述’本案不但在技術思想上確屬創新，並能較習用物品增進上述多項功效，應已充分符合新穎性及進步性之法定發明專利要件，爰依法提出申請，懇請貴局核准本件發明專利申請案，以勵發明，至感德便。 [□續次頁（發明說明頁不敷使用時，請註記並使用續頁） 18 200418266ServerHelloDone Continued Page (If the description page of the invention is insufficient, please note and use the continuation page) 17 200418266 _ | Sincerity --- ^ L --- The random number generator using the sound card provided by the present invention, and other The conventional technology is compared with each other, and it has the following advantages: First, the invention uses a random number production device of a sound effect card, which uses a personal computer or a workstation generally equipped with a sound effect card, and the voice value on the microphone is used as a random number paste. Source, there is no need to install a specific driver or make any settings, which greatly improves the convenience in use and still has unrewardable hardware training quality. In addition, in the processing of the instinctivity of _ Yincheng, The results obtained by theoretical and experimental analysis are used to design the post-processing function, taking into account the system performance under the best random number quality. 2. The invention uses a random number generator of a sound card, which uses unpredictable thermal noise as the original value of the random number, and then uses a carefully designed cryptographic hash algorithm to scramble the signal to obtain a real random number sequence. It has excellent performance on various major randomness evaluation indicators. 3. The random number generator using a sound effect card of the present invention uses a 512-bit one-way hash algorithm to perform a post-processing operation of a random number sequence. Noise sequence possible. In addition, the high-resolution time value of the system and the random number output value are read for mask processing, which further increases the difficulty of guessing the random number sequence. The above detailed description is a specific description of a feasible embodiment of the present invention, but this embodiment is not intended to limit the patent scope of the present invention. Any equivalent implementation or change that does not depart from the technical spirit of the present invention should be included in Within the scope of the patent in this case. In summary, 'This case is not only technically innovative, but also enhances the above-mentioned multiple effects over conventional items. It should have fully met the statutory invention patent requirements of novelty and progress, and applied in accordance with the law. We ask your office to approve this. Application for invention patents, to encourage invention, to the utmost. [□ Continued pages (If the description page of the invention is insufficient, please note and use the continued pages) 18 200418266

【圖式簡單說明】請參閱以下有關本發明一較佳實施例之詳細說明及其附圖，將可進一步瞭解本發明之技術内容及其目的功效,·有關該實施例之附圖為：圖一為本發明利用音效卡的亂數產生器之麥克風訊號讀取長度設定流程圖；圖一為該利用音效卡的礼數產生器之熱雜訊擷取與判斷流程圖；以及圖三為該利用音效卡的亂數產生器於亂數序列之後處理流程圖。[Brief description of the drawings] Please refer to the following detailed description of a preferred embodiment of the present invention and the accompanying drawings for further understanding of the technical content of the present invention and its purpose and effects. The drawings related to this embodiment are: One is a flowchart for setting a microphone signal reading length of a random number generator using a sound effect card according to the present invention; FIG. 1 is a flowchart for capturing and judging thermal noise of a gift number generator using a sound effect card; and FIG. The random number generator using the sound effect card processes the flowchart after the random number sequence.

Claims

200418266 Patent Application Scope 1. A random number generator using a sound card is a method for generating high-quality random number sequences by using thermal noise on the sound card. Its architecture includes a universally installed on personal computers and Unix workstations. Sound card, microphone signal acquisition interface, library of the random number generator and a tool program for setting the length of the signal read by the microphone; the process of producing random numbers can be divided into the pre-processing of thermal noise acquisition and analysis and The random number sequence is followed by two parts. 2_ The random number generator using a sound effect card as described in item 1 of the scope of patent application, wherein the pre-processing program includes a method for reading the length of the thermal noise and a method for judging the usable state of the microphone hardware; thermal noise The read length must be set to achieve the best random number quality under the performance required by the system. The method of determining the hardware availability status is based on the correlation between the signals before and after, which can avoid the failure of the sound card hardware. Inferior quality of random numbers. 3. The random number generator using a sound effect card as described in item 1 of the scope of the patent application, wherein the post-processing program includes the selection of a 512-bit one-way hash function, the random number sequence combined with the high-resolution time of the system, and other processing Steps: Selecting a longer hash value is based on the results obtained from theoretical and experimental analysis, which can increase the entropy value of the random number sequence; while combining the high resolution time of the operating system to form the final random number sequence, the random number can be increased in proportion The difficulty of guessing the sequence. 4. The random number generator using a sound card as described in item 1 of the scope of patent application, wherein the tool program for setting the microphone to read the signal length, and the signal analysis and evaluation process and settings can be found in a short reading Take the parameter that produces a larger entropy at length. 20