{"title":"Cryptanalysis on Two Kinds of Number Theoretic Pseudo-Random Generators Using Coppersmith Method","authors":"Ran Zhang, Jingguo Bi, Lixiang Li, Haipeng Peng","doi":"10.1049/ise2/5569393","DOIUrl":null,"url":null,"abstract":"<div>\n <p>Pseudo-random number generator (PRNG) is a type of algorithm that generates a sequence of random numbers using a mathematical formula, which is widely used in computer science, such as simulation, modeling applications, data encryption, et cetera. The efficiency and security of PRNG are closely related to its output bits at each iteration. Especially, we have recently found that linear congruential generator (LCG) is commonly used as the underlying PRNG in short message service (SMS) app, fast knapsack generator (FKG), and programming languages such as Python, while the quadratic generator plays an important role in Monte Carlo method. Therefore, in this paper, we revisit the security of these two number-theoretic pseudo-random generators and obtain the best results for attacking these two kinds of PRNGs up to now. More precisely, we prove that when the mapping function of LCG and the quadratic generator is unknown, if during each iteration, generators only output the most significant bits of <i>v</i><sub><i>i</i></sub>, one can also recover the seed of PRNG when enough consecutive or nonconsecutive outputs are obtained. The primary tool of our attack is the Coppersmith method which can find small roots on polynomial equations. Our advantage lies in applying the local linearization technique to the polynomial equations to make them simple and easy to solve and applying the analytic combinatorics method to simplify the calculation of solution conditions in the Coppersmith method. Experimental data validate the effectiveness of our work.</p>\n </div>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"2025 1","pages":""},"PeriodicalIF":1.3000,"publicationDate":"2025-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2/5569393","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Information Security","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/ise2/5569393","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Pseudo-random number generator (PRNG) is a type of algorithm that generates a sequence of random numbers using a mathematical formula, which is widely used in computer science, such as simulation, modeling applications, data encryption, et cetera. The efficiency and security of PRNG are closely related to its output bits at each iteration. Especially, we have recently found that linear congruential generator (LCG) is commonly used as the underlying PRNG in short message service (SMS) app, fast knapsack generator (FKG), and programming languages such as Python, while the quadratic generator plays an important role in Monte Carlo method. Therefore, in this paper, we revisit the security of these two number-theoretic pseudo-random generators and obtain the best results for attacking these two kinds of PRNGs up to now. More precisely, we prove that when the mapping function of LCG and the quadratic generator is unknown, if during each iteration, generators only output the most significant bits of vi, one can also recover the seed of PRNG when enough consecutive or nonconsecutive outputs are obtained. The primary tool of our attack is the Coppersmith method which can find small roots on polynomial equations. Our advantage lies in applying the local linearization technique to the polynomial equations to make them simple and easy to solve and applying the analytic combinatorics method to simplify the calculation of solution conditions in the Coppersmith method. Experimental data validate the effectiveness of our work.
伪随机数生成器(Pseudo-random number generator, PRNG)是一种使用数学公式生成随机数序列的算法,广泛应用于计算机科学,如仿真、建模应用、数据加密等。PRNG算法的效率和安全性与每次迭代的输出比特数密切相关。特别是,我们最近发现线性同余生成器(LCG)在短消息服务(SMS)应用程序、快速背包生成器(FKG)和Python等编程语言中通常用作底层PRNG,而二次生成器在蒙特卡罗方法中起着重要作用。因此,本文重新研究了这两种数论伪随机生成器的安全性,并获得了迄今为止攻击这两种伪随机生成器的最佳结果。更确切地说,我们证明了当LCG与二次元生成器的映射函数未知时,如果每次迭代时,生成器只输出vi的最高有效位,当获得足够的连续或非连续输出时,也可以恢复PRNG的种子。我们攻击的主要工具是Coppersmith方法,它可以找到多项式方程的小根。我们的优势在于对多项式方程采用局部线性化技术,使其易于求解,并采用解析组合方法简化了Coppersmith方法中求解条件的计算。实验数据验证了我们工作的有效性。
期刊介绍:
IET Information Security publishes original research papers in the following areas of information security and cryptography. Submitting authors should specify clearly in their covering statement the area into which their paper falls.
Scope:
Access Control and Database Security
Ad-Hoc Network Aspects
Anonymity and E-Voting
Authentication
Block Ciphers and Hash Functions
Blockchain, Bitcoin (Technical aspects only)
Broadcast Encryption and Traitor Tracing
Combinatorial Aspects
Covert Channels and Information Flow
Critical Infrastructures
Cryptanalysis
Dependability
Digital Rights Management
Digital Signature Schemes
Digital Steganography
Economic Aspects of Information Security
Elliptic Curve Cryptography and Number Theory
Embedded Systems Aspects
Embedded Systems Security and Forensics
Financial Cryptography
Firewall Security
Formal Methods and Security Verification
Human Aspects
Information Warfare and Survivability
Intrusion Detection
Java and XML Security
Key Distribution
Key Management
Malware
Multi-Party Computation and Threshold Cryptography
Peer-to-peer Security
PKIs
Public-Key and Hybrid Encryption
Quantum Cryptography
Risks of using Computers
Robust Networks
Secret Sharing
Secure Electronic Commerce
Software Obfuscation
Stream Ciphers
Trust Models
Watermarking and Fingerprinting
Special Issues. Current Call for Papers:
Security on Mobile and IoT devices - https://digital-library.theiet.org/files/IET_IFS_SMID_CFP.pdf
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
