Filters

2017 - 201962020 - 20253
Reset filters

Settings

Language: enSubject: Cryptography

Search Results

Now showing 1 - 9 of 9
  • Thumbnail Image
    Article
    Citation - WoS: 11
    Citation - Scopus: 12
    Mutual Correlation of Nist Statistical Randomness Tests and Comparison of Their Sensitivities on Transformed Sequences
    (Tubitak Scientific & Technological Research Council Turkey, 2017) Doganaksoy, Ali; Sulak, Fatih; Uguz, Muhiddin; Seker, Okan; Akcengiz, Ziya
    Random sequences are widely used in many cryptographic applications and hence their generation is one of the main research areas in cryptography. Statistical randomness tests are introduced to detect the weaknesses or nonrandom characteristics that a sequence under consideration may have. In the literature, there exist various statistical randomness tests and test suites, defined as a collection of tests. An efficient test suite should consist of a number of uncorrelated statistical tests each of which measures randomness from another point of view. `Being uncorrelated' is not a well-defined or well-understood concept in the literature. In this work, we apply Pearson's correlation test to measure the correlation between the tests. In addition, we define five new methods for transforming a sequence. Our motivation is to detect those tests whose results are invariant under a certain transformation. To observe the correlation, we use two methods. One is the direct correlation between the tests and the other is the correlation between the results of a test on the sequence and its transformed form. In light of the observations, we conclude that some of the tests are correlated with each other. Furthermore, we conclude that in designing a reliable and efficient suite we can avoid overpopulating the list of test functions by employing transformations together with a reasonable number of statistical test functions.
  • Thumbnail Image
    Article
    Citation - WoS: 29
    Citation - Scopus: 31
    On the Independence of Statistical Randomness Tests Included in the Nist Test Suite
    (Tubitak Scientific & Technological Research Council Turkey, 2017) Sulak, Fatih; Uguz, Muhiddin; Kocak, Onur; Doganaksoy, Ali
    Random numbers and random sequences are used to produce vital parts of cryptographic algorithms such as encryption keys and therefore the generation and evaluation of random sequences in terms of randomness are vital. Test suites consisting of a number of statistical randomness tests are used to detect the nonrandom characteristics of the sequences. Construction of a test suite is not an easy task. On one hand, the coverage of a suite should be wide; that is, it should compare the sequence under consideration from many different points of view with true random sequences. On the other hand, an overpopulated suite is expensive in terms of running time and computing power. Unfortunately, this trade-off is not addressed in detail in most of the suites in use. An efficient suite should avoid use of similar tests, while still containing sufficiently many. A single statistical test gives a measure for the randomness of the data. A collection of tests in a suite give a collection of measures. Obtaining a single value from this collection of measures is a difficult task and so far there is no conventional or strongly recommended method for this purpose. This work focuses on the evaluation of the randomness of data to give a unified result that considers all statistical information obtained from different tests in the suite. A natural starting point of research in this direction is to investigate correlations between test results and to study the independences of each from others. It is started with the concept of independence. As it is complicated enough to work even with one test function, theoretical investigation of dependence between many of them in terms of conditional probabilities is a much more difficult task. With this motivation, in this work it is tried to get some experimental results that may lead to theoretical results in future works. As experimental results may reflect properties of the data set under consideration, work is done on various types of large data sets hoping to get results that give clues about the theoretical results. For a collection of statistical randomness tests, the tests in the NIST test suite are considered. Tests in the NIST suite that can be applied to sequences shorter than 38,912 bits are analyzed. Based on the correlation of the tests at extreme values, the dependencies of the tests are found. Depending on the coverage of a test suite, a new concept, the coverage efficiency of a test suite, is defined, and using this concept, the most efficient, the least efficient, and the optimal subsuites of the NIST suite are determined. Moreover, the marginal benefit of each test, which also helps one to understand the contribution of each individual test to the coverage efficiency of the NIST suite, is found. Furthermore, an efficient subsuite that contains five statistical randomness tests is proposed.
  • Thumbnail Image
    Article
    Citation - WoS: 2
    A SECOND PRE-IMAGE ATTACK AND A COLLISION ATTACK TO CRYPTOGRAPHIC HASH FUNCTION LUX
    (Ankara Univ, Fac Sci, 2017) Sulak, Fatih; Kocak, Onur; Saygi, Elif; Ogunc, Merve; Bozdemir, Beyza
    Cryptography is a science that provides the security of information in communication. One of the most important sub-branches of cryptography is the hash functions. Hash functions are known as the digital fingerprints. Following the recent attacks on the widely used hash functions MD5 and SHA-1 and the increase in computational power, the need for a new hash function standard has arisen. For this purpose, US National Institute of Standards and Technology (NIST) had announced a competition to select a standard hash function algorithm which would eventually become the Third Secure Hash Algorithm, SHA-3. Initially 64 algorithms were submitted to NIST and 51 of them were announced as the First Round Candidates. After an analysis period, 14 of these algorithms were announced as the Second Round Candidates, and 5 algorithms were announced as Finalists. The winner of the competition, Keccak, was announced in 2012. LUX is one of the 64 algorithms submitted to the SHA-3 competition by Nikolic et al. It is designed as a byte oriented stream cipher based hash function. For LUX-256, Schmidt-Nielsen gave a distinguisher and later Wu et al. presented collision attacks, both of which for reduced rounds of LUX. As a result of these attacks, LUX is eliminated in the first round. In this work, we first give a procedure for the second preimage attack. Then we extend this to the collision and second preimage attacks for the reduced rounds of LUX hash family. Moreover, we implement the attacks and give the specific examples by taking the padding into consideration.
  • Thumbnail Image
    Article
    Citation - WoS: 2
    Citation - Scopus: 4
    R-2 Composition Tests: a Family of Statistical Randomness Tests for a Collection of Binary Sequences
    (Springer, 2019) Uguz, Muhiddin; Doganaksoy, Ali; Sulak, Fatih; Kocak, Onur
    In this article a family of statistical randomness tests for binary strings are introduced, based on Golomb's pseudorandomness postulate R-2 on the number of runs. The basic idea is to construct recursive formulae with computationally tenable probability distribution functions. The technique is illustrated on testing strings of 2(7), 2(8), 2(10) and 2(12) bits. Furthermore, the expected value of the number of runs with a specific length is obtained. Finally the tests are applied to several collections of strings arising from different pseudorandom number generators.
  • Thumbnail Image
    Article
    Citation - WoS: 1
    Citation - Scopus: 3
    LS-14 Test Suite for Long Sequences
    (Hacettepe Univ, Fac Sci, 2024) Akcengiz, Ziya; Aslan, Melis; Doğanaksoy, Ali; Sulak, Fatih; Uguz, Muhiddin
    Random number sequences are used in many branches of science. Because of many techni- cal reasons and their practicality, pseudo random sequences are usually employed in place of true number sequences. Whether a sequence generated through a deterministic process is a pseudo random, in other words, random-looking sequence or it contains certain pat- terns, can be determined with the help of statistics and mathematics. Although, in the literature there are many statistical randomness tests for this purpose, there is no much work on test suites specialized for long sequences, that is sequences of length 1,000,000 bits or more. Most of the randomness tests for long sequences use some mathematical ap- proximations to compute expected values of the random variables and hence their results contain some errors. Another approach to evaluate randomness criteria of long sequences is to partition the long sequence into a collection short sequences and evaluate the collec- tion for the ran- domness using statistical goodness of fit tests. The main advantage of this approach is, as the individual sequences are short, there is no need to use mathematical approximations. On the other hand when the second approach is preferred, partition the long sequence into a collection of fixed length subsequences and this approach causes a loss of information in some cases. Hence the idea of dynamic partition should be included to perform a more reliable test suite. In this paper, we propose three new tests, namely the entire R2 run, dynamic saturation point, and dynamic run tests. Moreover, we in- troduce a new test suite, called LS-14, consisting of 14 tests to evaluate randomness of long sequences. As LS-14 employs all three approaches: testing the entire long sequence, testing the collection of fixed length partitions of it, and finally, testing the collection obtained by the dynamic partitions of it, the proposed LS-14 test suit differs from all existing suites. Mutual comparisons of all 14 tests in the LS-14 suite, with each other are computed. Moreover, results obtained from the proposed test suite and NIST SP800-22 suite are compared. Examples of sequences with certain patterns which are not observed by NIST SP800-22 suite but detected by the proposed test suite are given.
  • Thumbnail Image
    Article
    Citation - WoS: 2
    Observations on Nist Sp 800-90b Entropy Estimators
    (Springer, 2025) Aslan, Melis; Doganaksoy, Ali; Saygi, Zulfukar; Turan, Meltem Sonmez; Sulak, Fatih
    Random numbers play a crucial role in cryptography since the security of cryptographic protocols relies on the assumption of the availability of uniformly distributed and unpredictable random numbers to generate secret keys, nonce, salt, etc. However, real-world random number generators sometimes fail and produce outputs with low entropy, leading to security vulnerabilities. The NIST Special Publication (SP) 800-90 series provides guidelines and recommendations for generating random numbers for cryptographic applications and describes 10 black-box entropy estimation methods. This paper evaluates the effectiveness and limitations of the SP 800-90 methods by exploring the accuracy of these estimators using simulated random numbers with known entropy, investigating the correlation between entropy estimates, and studying the impacts of deterministic transformations on the estimators.
  • Thumbnail Image
    Article
    Citation - WoS: 8
    Periodic Template Tests: a Family of Statistical Randomness Tests for a Collection of Binary Sequences
    (Elsevier, 2019) Sulak, Fatih; Doganaksoy, Ali; Uguz, Muhiddin; Kocak, Onur
    In this work, we classify all templates according to their periods and for each template we evaluate the exact probabilities using generating functions. Afterwards, we propose a new family of statistical randomness tests, that is periodic template tests, for a collection of binary sequences. We apply these tests to the outputs of AES, SHA-3, SHA-2 family, SHA-1 and MD5 and the binary expansion of pi and root 2 and biased non-random data to test the power of new tests. Moreover, we give the probabilities for all templates for the overlapping template matching test in the NIST test suite. Afterwards, we analyse the power of templates and compare the periodic template tests with NIST overlapping template test. (C) 2019 Elsevier B.V. All rights reserved.
  • Thumbnail Image
    Article
    RW-9: A Family of Random Walk Tests
    (Springer, 2025) Uguz, Muhiddin; Sulak, Fatih; Doganaksoy, Ali; Kocak, Onur
    In this work, we define a family of nine statistical randomness tests for collections of short binary strings, by making use of random walk statistics. For a binary sequence of length \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{n}$$\end{document}, we consider the probability of intersecting the line \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{y=t}$$\end{document} exactly at \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{k}$$\end{document} distinct points. Although there are some explicit formulas for these probability values in the literature, those applicable to short sequences are not feasible for computations involving sequences of length \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{256}$$\end{document} bits or more. On the other hand, approximation techniques, or asymptotic approaches, that should be used only when testing long sequences, are not useful for testing sequences of length between \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{256}$$\end{document} and \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{4096}$$\end{document}. The recursive formulas, derived in this paper, made it possible to obtain exact values of the corresponding probability distribution functions. Using these formulas, we provide the necessary figures for testing collections of strings of length \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{2}<^>{\varvec{7}}, \ \varvec{2}<^>{\varvec{8}}, \ \varvec{2}<^>{\varvec{10}}$$\end{document} and \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$\varvec{2}<^>{\varvec{12}}$$\end{document} bits. Finally, we apply these nine tests to various collections of strings obtained from different pseudorandom number generators as well as to biased sequences to assess whether the proposed tests can effectively detect non-random data.
  • Thumbnail Image
    Article
    Citation - WoS: 3
    Citation - Scopus: 3
    New Statistical Randomness Tests: 4-Bit Template Matching Tests
    (Tubitak Scientific & Technological Research Council Turkey, 2017) Sulak, Fatih
    For cryptographic algorithms, secret keys should be generated randomly as the security of the system depends on the key and therefore generation of random sequences is vital. Randomness testing is done by means of statistical randomness tests. In this work, we show that the probabilities for the overlapping template matching test in the NIST test suite are only valid for a specific template and need to be recalculated for the other templates. We calculate the exact distribution for all 4-bit templates and propose new randomness tests, namely template matching tests. The new tests can be applied to any sequence of minimum length 5504 whereas the overlapping template matching test in the NIST test suite can only be applied to sequences of minimum length 10(6). Moreover, we apply the proposed tests to biased nonrandom data and observe that the new tests detect the nonrandom behavior of the generator even for a bias of 0.001, whereas the template matching tests in NIST cannot detect that bias.