
A cryptographically secure pseudorandom number generator for Julia

Presentation on theme: "A cryptographically secure pseudorandom number generator for Julia"— Presentation transcript:

1 A cryptographically secure pseudorandom number generator for Julia
JuliCha (ChaCha.jl): A cryptographically secure pseudorandom number generator for Julia
Adam Sealfon

2 Random numbers in computing
Modeling and simulation
Optimization
Randomized algorithms
Approximation algorithms
Primality testing
Games, e.g. poker
Cryptography

3 Pseudorandom number generators (PRNGs)
True randomness is expensive or limited
PRNGs take a short random seed and expand it to produce a long sequence of bits that “look random”
Programs can use this instead of true randomness
The sequence should have the same statistical properties as a random sequence, e.g.:
Roughly equal number of 0s and 1s
Short substrings are repeated with the expected probability
Ascending and descending sequences should occur in the right pattern
Random binary matrices should have high rank
etc.

4 The need for better pseudorandomness
For some applications it’s not enough for PRNG output to have the same statistical properties as a random string
We want it to be impossible to distinguish from true randomness
E.g. poker, cryptography
Poor design or buggy implementations of PRNGs have led to cryptographic breaks

5 Cryptographically secure PRNGs (CS-PRNGs)
No efficient program should be able to tell whether it is given PRNG output or truly random bits
Equivalently, having seen many bits of the output, no efficient program should be able to guess the next bit more than 50% of the time
Indistinguishable from true randomness, so safe to use for cryptography
More complicated than ordinary PRNGs, so they tend to be slower

6 PRNGs in Julia
Type diagram on the slide: AbstractRNG, with MersenneTwister, Linear Congruential Generator (LCG) and ChaCha (CS-PRNG) beneath it
LCG is the old standard. Imperfect, but good enough for many practical purposes.
MersenneTwister is predictable after 624 iterations

7 PRNGs in Julia
Type diagram on the slide: AbstractRNG, with MersenneTwister, Linear Congruential Generator (LCG) and JuliCha beneath it
LCG is the old standard. Imperfect, but good enough for many practical purposes.

8 The ChaCha CS-PRNG
State consists of 16 32-bit words: constants, key, counter, nonce
From initial configuration, apply transformation via a sequence of additions, bit shifts, and xors
For each counter value, extract 512 pseudorandom bits. Then increment counter.

9 The ChaCha CS-PRNG
(Same state layout as the previous slide: constants, key, counter, nonce)
Relatively fast
Easy to parallelize
Can be used as a stream cipher for encryption
Adopted by Google as the basis for MACs in OpenSSL

10 The TestU01 test suite
Runs a series of statistical tests on PRNG output
Implemented in Julia package RNGTest.jl
JuliCha and MersenneTwister passed all smallCrush tests
LCG behaved variably depending on parameters

11 Runtime of ChaCha vs. MersenneTwister

12 Runtime of ChaCha vs. C libcrypto wrapper
Not shown: wrapper for system call to /dev/urandom

13 Runtime of ChaCha vs. C libcrypto wrapper

14 Median time to produce 1000 UInt32s
Generator              Median time            Relative to ChaCha
Mersenne Twister       3.19 μs                85x faster
ChaCha                 (number missing) μs    -
C libcrypto wrapper    1.4 ms                 5x slower
OS /dev/urandom        6.8 s                  25,000x slower

16 Encryption using JuliCha
