Cryptographically secure pseudo-random bit generator for fast and secure encryption
First Claim
1. Apparatus for generating an output stream of cryptographically strong pseudo-random bits from an input stream of random bits, the apparatus comprising:
- means, responsive to the input stream, for forming a first seed from the input stream;
means, responsive to the input stream, for forming a second seed from the input stream;
means, responsive to the input stream, for selecting a set of bits from the input stream;
random function processor circuitry for generating a random function processor bit stream including means for performing a one-way stretching function, said means for performing the one-way stretching function comprising means for performing a plurality of parallel one-way functions to generate a plurality of larger random numbers and means for concatenating the plurality of larger random numbers to generate the random function processor bit stream;
graph processor circuitry for generating a graph processor bit stream including means for performing an expander graph function using the second seed and the set of bits from the input stream; and
means, responsive to the random function processor bit stream and the graph processor bit stream, for generating the output stream as the bitwise exclusive-OR of the random function processor bit stream and the graph processor bit stream.
12 Assignments
0 Petitions
Accused Products
Abstract
A pseudo-random number generator is used as a pre-processing step to generating a long random bit string. The bit string is then "stretched" by performing certain one-way functions in parallel on the bit strings. In a preferred embodiment, specialized constructions based on expander graphs are also used. Preferably, the strings generated by the one-way functions and expander graphs are exclusive-ored. An embodiment may operate in the following manner. Assume a slow but secure generator G0.
1. Using G0, generate random numbers x1, x2, . . . , xn.
2. Using a stretch function, stretch the random numbers into R=r1, r2, . . . , rn where each ri is a predetermined amount longer than xi.
3. Use R as a one-time pad for encryption.
This process provides a long, random, cryptographically secure bit string. This bit string is sufficiently fast to support encryption processes suitable for real-time, on-line encryption, such as video stream encryption and TCP/IP layer encryption.
-
Citations
8 Claims
-
1. Apparatus for generating an output stream of cryptographically strong pseudo-random bits from an input stream of random bits, the apparatus comprising:
-
means, responsive to the input stream, for forming a first seed from the input stream; means, responsive to the input stream, for forming a second seed from the input stream; means, responsive to the input stream, for selecting a set of bits from the input stream; random function processor circuitry for generating a random function processor bit stream including means for performing a one-way stretching function, said means for performing the one-way stretching function comprising means for performing a plurality of parallel one-way functions to generate a plurality of larger random numbers and means for concatenating the plurality of larger random numbers to generate the random function processor bit stream; graph processor circuitry for generating a graph processor bit stream including means for performing an expander graph function using the second seed and the set of bits from the input stream; and means, responsive to the random function processor bit stream and the graph processor bit stream, for generating the output stream as the bitwise exclusive-OR of the random function processor bit stream and the graph processor bit stream.
-
-
2. A method for generating successive output streams of cryptographically strong pseudo-random bits from an input stream of random bits, the method comprising the steps of:
-
(a) responsive to the input stream, forming a first seed from the input stream for processing by a random function processor; (b) responsive to the input stream, forming a second seed from the input stream for processing by a graph processor; (c) responsive to the input stream, selecting a set of bits from the input stream for processing by the graph processor; (d) in the random number processor, performing a one-way stretching function, said step of performing the one-way stretching function comprising the steps of performing a plurality of parallel one-way functions to generate a plurality of larger random numbers, and concatenating the larger random numbers to generate a random function processor bit stream; (e) in the graph processor, performing an expander graph function using the second seed and the set of bits from the input stream to generate a graph processor bit stream; (f) responsive to the random function processor bit stream and the graph processor bit stream, generating the output stream as the bitwise exclusive-OR of the random function processor bit stream and the graph processor bit stream; and (g) returning to steps (c), (d), (e), and (f) to generate successive output streams.
-
-
3. A method for generating an output stream of cryptographically strong pseudo-random bits from an input stream of random bits, the method comprising the steps of:
-
(a) responsive to the input stream, forming a first seed from the input stream for processing by a random function processor; (b) responsive to the input stream, forming a second seed from the input stream for processing by a graph processor; (c) responsive to the input stream, selecting a set of bits from the input stream for processing by the graph processor; (d) in the random number processor, performing a one-way stretching function, said step of performing the one-way stretching function comprising the steps of performing a plurality of parallel one-way functions to generate a plurality of larger random numbers, and concatenating the larger random numbers to generate a random function processor bit stream; (e) in the graph processor, performing an expander graph function using the second seed and the set of bits from the input stream to generate a graph processor bit stream; and (f) responsive to the random function processor bit stream and the graph processor bit stream, generating the output stream as the bitwise exclusive-OR of the random function processor bit stream and the graph processor bit stream. - View Dependent Claims (4, 5)
-
-
6. A method for generating an output stream of cryptographically strong pseudo-random bits from an input stream of random bits, the method comprising the steps of:
-
(a) responsive to the input stream of random bits, forming a seed from the input stream for processing by a random function processor; and (b) in the random function processor, performing a one-way stretching function on the seed as a first input, said step of performing the one-way stretching function comprising the steps of performing a plurality of one-way functions on the seed using different random numbers as second inputs to generate a plurality of larger random numbers and concatenating the larger random numbers to generate the output stream. - View Dependent Claims (7, 8)
-
Specification