Attacks on Pseudo-Random Number Generators Hiding a Linear Structure
Organizer: Damien Vergnaud (damien.vergnaud@lip6.fr)
Attendee: Florette Martinez
Description: We introduce lattice-based practical seed-recovery attacks against two efficient number-theoretic pseudo-random number generators: the fast knapsack generator and a family of combined multiple recursive generators. The fast knapsack generator was introduced in 2009 by Von Zur Gathen and Shparlinski. It generates pseudo-random numbers very efficiently, with strong mathematical guarantees on their statistical properties, but its resistance to cryptanalysis had been left open since 2009. The given attacks are surprisingly efficient when the truncated bits do not represent too large a proportion of the internal state. Their complexities do not increase strongly with the size of the parameters, only with the proportion of discarded bits. A multiple recursive generator is a pseudo-random number generator based on a constant-recursive sequence. A combined multiple recursive generator is a pseudo-random number generator based on combining two or more multiple recursive generators. L’Écuyer presented the general construction in 1996 and a popular instantiation, named MRG32k3a, in 1999. We use algebraic relations between both pseudo-random generators and underlying algebraic generators to show that they are cryptographically insecure. We provide a theoretical analysis as well as efficient implementations.

https://eprint.iacr.org/2021/1204
Date: October 14, 2021, 14:00 (Europe/Paris)
URL: https://www.lip6.fr/liens/organise-fiche.php?ident=O1078
Location: Salle 309, couloir 24-25, 4 place Jussieu - 75005 Paris
