Enhanced ANSI X9.17 and FIPS 186 pseudorandom number generators with forward security
Abstract
Disclosed herein are apparatuses and methods for generating pseudorandom numbers by making the existing ANSI and FIPS PRNGs forward secure and eliminating the need for re-keying them. A forward secure ANSI PRNG is created which includes an enhanced block cipher that is non-invertible even if the key becomes known and that is a function of the block cipher used in the existing ANSI PRNG. Additionally, the forward secure ANSI PRNG includes an enhanced next state that allows previous states to remain secret even when the key and the current state become known. A forward secure FIPS PRNG is created which includes a computation of an enhanced next state that is non-invertible.
18 Claims
1. A forward secure ANSI X9.17 pseudorandom number generator, comprising:
an iteration integer i, wherein i is defined in accordance with a relationship i ≥ 0;
a processor;
a key K;
a current state As_{i−1} for each iteration integer i calculated by the processor;
an enhanced keyed block cipher F′_K, wherein the enhanced block cipher F′_K does not require re-keying and is non-invertible even if the key K is known;
an enhanced next state As′_i for each iteration integer i, wherein the enhanced next state As′_i is calculated by the processor such that previous states remain secret even when the key K and the enhanced next state As′_i become known; and
an enhanced pseudorandom number generator output Ay′_i for each iteration integer i, wherein the enhanced pseudorandom number generator output Ay′_i is a function of at least one auxiliary input t_i.
(Dependent claims: 2, 3)

4. A forward secure ANSI X9.17 pseudorandom number generator, comprising:
a seed generating function ANSI;
a processor, wherein the processor, using the seed generating function ANSI, returns a key K and an initial state As_0;
an input device;
an iteration integer i, wherein i is defined in accordance with a relationship i ≥ 0;
at least one auxiliary input t_i for each iteration integer i, wherein the at least one auxiliary input t_i is received by the processor via the input device;
a current state As′_{i−1} for each iteration integer i, wherein the current state As′_{i−1} is calculated by the processor;
a seeded block cipher F_K, wherein F_K is keyed by the key K;
an enhanced keyed block cipher F′_K, wherein the enhanced seeded block cipher F′_K is keyed by the key K, does not require re-keying, is non-invertible even if the key K is known, and for all of at least one input x, is defined in accordance with a relationship F′_K(x) = F_K(x) ⊕ x;
an enhanced next state As′_i for each iteration integer i, wherein As′_i is calculated by the processor and defined in accordance with a relationship As′_i = F′_K(As′_{i−1}) = F_K(As′_{i−1}) ⊕ As′_{i−1}; and
an enhanced pseudorandom generator output Ay′_i for each iteration integer i, wherein Ay′_i is calculated by the processor and defined in accordance with a relationship Ay′_i = F′_K(F′_K(t_i) ⊕ As′_{i−1}).

5. A computer readable storage medium storing computer readable program code implementing a forward secure ANSI X9.17 pseudorandom number generator, the computer readable program code comprising:
a first computer code implementing an enhanced keyed block cipher F′_K, wherein the enhanced block cipher F′_K does not require re-keying and is noninvertible even if the key K is known;
data encoding an iteration integer i, wherein i is defined in accordance with a relationship i ≥ 0;
a second computer code implementing a current state As_{i−1} for each iteration integer i;
a second computer code implementing an enhanced next state As′_i for each iteration integer i, wherein the enhanced next state As′_i is calculated by the processor such that previous states remain secret even when the key K and the enhanced next state As′_i become known; and
a third computer code implementing an enhanced pseudorandom number generator output Ay′_i for each iteration integer i, wherein the enhanced pseudorandom number generator output Ay′_i is a function of at least one auxiliary input t_i.

6. A forward secure FIPS 186 pseudorandom number generator, comprising:
a processor;
a seeded hash function H_K;
an iteration integer i, wherein i is defined in accordance with a relationship i ≥ 0;
an enhanced next state Fs′_i for each iteration integer i, wherein the enhanced next state Fs′_i is non-invertible; and
an enhanced pseudorandom number generator output Fy′_i for each iteration integer i, wherein the enhanced pseudorandom number generator output Fy′_i is calculated by the processor and is a function of at least one auxiliary input t_i.
(Dependent claims: 7)

8. A forward secure FIPS 186 pseudorandom number generator, comprising:
a seed generating function FIPS;
a processor, wherein the processor, using the seed generating function FIPS, returns at least one key K and an initial state Fs_0;
a keyed hash function H_K;
an iteration integer i, wherein i is defined in accordance with a relationship i ≥ 0;
an input device;
at least one auxiliary input t_i for each iteration integer i, wherein the at least one auxiliary input t_i is received by the processor via the input device;
an enhanced current state Fs′_{i−1} for each iteration integer i;
an enhanced pseudorandom generator output Fy′_i for each iteration integer i;
a pseudorandom number generator block length n, wherein n is defined in accordance with a relationship n = |Fy′_i|, and wherein Fy′_i is defined in accordance with the relationship Fy′_i = H_K((Fs′_{i−1} + t_i) mod 2^n); and
an enhanced next state Fs′_i for each iteration integer i, wherein the enhanced next state Fs′_i is calculated by the processor and defined in accordance with a relationship Fs′_i = (H_K((Fs′_{i−1} + Fy′_i + 1 + t_i) mod 2^n) + Fs′_{i−1} + Fy′_i + 2) mod 2^n.

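As an added example (not the patent's own code and not a FIPS reference implementation), claim 8's state update beside the plain FIPS 186 style update it replaces, with HMAC-SHA256 assumed as the keyed hash H_K (so n = 256) and Python integers standing in for the n-bit state:

```python
import hashlib
import hmac

N = 256          # n = |Fy'_i|; here the HMAC-SHA256 output length (assumption)
MOD = 1 << N     # arithmetic on states and outputs is mod 2^n


def H(key: bytes, x: int) -> int:
    """H_K: keyed hash over the n-bit big-endian encoding of x (HMAC-SHA256 assumed)."""
    digest = hmac.new(key, x.to_bytes(N // 8, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest, "big")


def fips_original_step(key: bytes, s: int, t: int):
    """Plain FIPS 186 shape: y = H_K((s + t) mod 2^n);  s' = (1 + s + y) mod 2^n."""
    y = H(key, (s + t) % MOD)
    return (1 + s + y) % MOD, y


def fips_original_recover_previous(s_next: int, y: int) -> int:
    """The plain update is undone by subtraction once s' and y_i are known; no key is needed."""
    return (s_next - 1 - y) % MOD


def fips_enhanced_step(key: bytes, s: int, t: int):
    """Claim 8:
    Fy'_i = H_K((Fs'_{i-1} + t_i) mod 2^n)
    Fs'_i = (H_K((Fs'_{i-1} + Fy'_i + 1 + t_i) mod 2^n) + Fs'_{i-1} + Fy'_i + 2) mod 2^n
    Recovering Fs'_{i-1} now means undoing H_K on an input that itself contains Fs'_{i-1}."""
    y = H(key, (s + t) % MOD)
    s_next = (H(key, (s + y + 1 + t) % MOD) + s + y + 2) % MOD
    return s_next, y


def fips_enhanced_run(key: bytes, s0: int, inputs):
    """Iterate the enhanced generator over the auxiliary inputs; return (final state, outputs)."""
    s, outs = s0, []
    for t in inputs:
        s, y = fips_enhanced_step(key, s, t)
        outs.append(y)
    return s, outs
```

Both variants produce the same Fy′_i from the same state and auxiliary input; the difference is only in how much the next state reveals about the previous one.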
9. A computer readable storage medium storing computer readable program code implementing a forward secure FIPS 186 pseudorandom number generator, the computer readable program code comprising:
a first computer code implementing a keyed hash function H_K;
data encoding an iteration integer i, wherein i is defined in accordance with a relationship i ≥ 0;
a second computer code implementing an enhanced next state Fs′_i for each iteration integer i, wherein the enhanced current state Fs′_i is non-invertible; and
a third computer code implementing an enhanced pseudorandom number generator output Fy′_i for each iteration integer i, wherein the enhanced pseudorandom number generator output Fy′_i is a function of at least one auxiliary input t_i.

10. A method for producing forward secure pseudorandom numbers by altering an ANSI X9.17 pseudorandom number generator, comprising:
defining an iteration integer i, wherein i is defined in accordance with a relationship i ≥ 0;
replacing a keyed block cipher F_K with an enhanced keyed block cipher F′_K, wherein the enhanced keyed block cipher F′_K is non-invertible even if the key K is known;
replacing a current state with an enhanced current state As′_{i−1}; and
replacing a next state As_i with an enhanced next state As′_i, wherein As′_i is defined for each iteration integer i, as a function of the enhanced current state As′_{i−1}, and allows previous states to remain secret even if the key K and the enhanced next state As′_i become known.
(Dependent claims: 11, 12, 13, 14)

15. A method for producing pseudorandom numbers by altering an ANSI X9.17 pseudorandom number generator, comprising:
defining an iteration integer, wherein the iteration integer is defined in accordance with a relationship i ≥ 1;
enabling at least one auxiliary input t_i for each iteration integer i;
defining an enhanced keyed block cipher F′_K seeded with a key K, for all of at least one input x, in accordance with a relationship F′_K(x) = F_K(x) ⊕ x;
replacing a keyed block cipher F_K with the enhanced keyed block cipher F′_K, wherein the enhanced keyed block cipher F′_K is a non-invertible function even if the key K is known;
replacing a current state As_{i−1} with an enhanced current state As′_{i−1};
replacing a next state As_i with an enhanced next state As′_i, wherein As′_i is defined as a function of the keyed block cipher F_K and the current state As′_{i−1} for each iteration integer i in accordance with a relationship As′_i = F′_K(As′_{i−1}) = F_K(As′_{i−1}) ⊕ As′_{i−1}; and
defining an enhanced pseudorandom generator output Ay′_i for each iteration integer i, wherein Ay′_i is defined in accordance with a relationship Ay′_i = F′_K(F′_K(t_i) ⊕ As′_{i−1}).

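As an added example (not the patent's own code and not an X9.17 reference implementation), the generator of claims 4 and 15 beside the plain X9.17 step it replaces. A toy 4-round Feistel network with an HMAC-SHA256 round function stands in for the block cipher F_K (an assumption; the claims allow any keyed block cipher), so that F_K is invertible with the key while F′_K(x) = F_K(x) ⊕ x is not:

```python
import hashlib
import hmac

HALF = 4  # toy 64-bit block split into two 32-bit halves (assumption, not the patent's)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, r: int, half: bytes) -> bytes:
    # Keyed Feistel round function: HMAC over (round index, half), cut to one half block.
    return hmac.new(key, bytes([r]) + half, hashlib.sha256).digest()[:HALF]

def F(key: bytes, x: bytes) -> bytes:
    """F_K: a 4-round Feistel permutation; anyone holding K can invert it."""
    l, r = x[:HALF], x[HALF:]
    for i in range(4):
        l, r = r, xor(l, _round(key, i, r))
    return l + r

def F_inv(key: bytes, y: bytes) -> bytes:
    """Inverse of F_K (rounds undone in reverse order)."""
    l, r = y[:HALF], y[HALF:]
    for i in reversed(range(4)):
        l, r = xor(r, _round(key, i, l)), l
    return l + r

def F_prime(key: bytes, x: bytes) -> bytes:
    """F'_K(x) = F_K(x) XOR x (claims 4 and 15): not invertible even when K is known."""
    return xor(F(key, x), x)

def enhanced_step(key: bytes, state: bytes, t: bytes):
    """As'_i = F'_K(As'_{i-1});  Ay'_i = F'_K(F'_K(t_i) XOR As'_{i-1})."""
    y = F_prime(key, xor(F_prime(key, t), state))
    return F_prime(key, state), y

def original_step(key: bytes, state: bytes, t: bytes):
    """Plain X9.17 for comparison: I = F_K(t); y = F_K(I XOR s); s' = F_K(y XOR I)."""
    i_val = F(key, t)
    y = F(key, xor(i_val, state))
    return F(key, xor(y, i_val)), y

def original_recover_previous(key: bytes, t: bytes, y: bytes) -> bytes:
    """Once K, t_i and y_i are exposed, plain X9.17 gives up s_{i-1} = F_K^{-1}(y_i) XOR F_K(t_i)."""
    return xor(F_inv(key, y), F(key, t))
```

The recovery function only exists for the plain generator because F_K has an inverse; the enhanced next state is produced by F′_K alone, which has none.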
16. A method for producing pseudorandom numbers, comprising altering a FIPS 186 pseudorandom number generator, wherein altering a FIPS 186 pseudorandom number generator comprises replacing a next state Fs_i with an enhanced next state Fs′_i, wherein the computation of the enhanced next state Fs′_i is non-invertible.
(Dependent claims: 17, 18)