Randen - fast backtracking-resistant random generator with
AES+Feistel+Reverie
by
Jan Wassenberg, Robert Obryk, Jyrki Alakuijala, Emmanuel Mogenet
2018
Abstract
Algorithms that rely on a pseudorandom number generator often lose their
performance guarantees when adversaries can predict the behavior of the
generator. To protect non-cryptographic applications against such attacks, we
propose 'strong' pseudorandom generators characterized by two properties:
computationally indistinguishable from random and backtracking-resistant. Some
existing cryptographically secure generators also meet these criteria, but they
are too slow to be accepted for general-purpose use. We introduce a new
open-sourced generator called 'Randen' and show that it is 'strong' in addition
to outperforming Mersenne Twister, PCG, ChaCha8, ISAAC and Philox in real-world
benchmarks. This is made possible by hardware acceleration. Randen is an
instantiation of Reverie, a recently published robust sponge-like random
generator, with a new permutation built from an improved generalized Feistel
structure with 16 branches. We provide new bounds on active s-boxes for up to
24 rounds of this construction, made possible by a memory-efficient search
algorithm. Replacing existing generators with Randen can protect randomized
algorithms such as reservoir sampling from attack. The permutation may also be
useful for wide-block ciphers and hashing functions.
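The abstract names backtracking resistance as one of the two properties that make a generator 'strong'. The following is an added illustration of that property for this page; it is not code from the paper or the Randen project, and it is not Randen's AES/Feistel/Reverie construction. It compares a toy linear congruential generator (LCG), whose state update is a bijection so that anyone who captures the state can walk it backwards and recover every earlier output, with a toy hash ratchet whose state update is one-way. Both generators and all constants are assumptions chosen for the illustration.

```python
"""Backtracking resistance illustrated with two toy generators.

Hypothetical teaching constructions for this page, NOT Randen.
"""
import hashlib

# --- Toy generator 1: 64-bit LCG (assumed constants: Knuth's MMIX parameters)
M = 2 ** 64
A = 6364136223846793005   # odd, hence invertible modulo 2^64
C = 1442695040888963407


def lcg_step(state: int) -> int:
    """One forward step; the output is the new state itself."""
    return (A * state + C) % M


def lcg_unstep(state: int) -> int:
    """Inverse step. Because A is odd it has an inverse mod 2^64, so the
    update is a bijection and the previous state is fully determined."""
    a_inv = pow(A, -1, M)
    return ((state - C) * a_inv) % M


def lcg_outputs(seed: int, n: int):
    """Return (list of n outputs, final state) for the toy LCG."""
    state, outs = seed, []
    for _ in range(n):
        state = lcg_step(state)
        outs.append(state)
    return outs, state


def lcg_recover_previous(final_state: int, n: int):
    """Attacker model: the generator's state has been captured. Walking the
    bijection backwards recovers the n most recent outputs exactly."""
    state, recovered = final_state, []
    for _ in range(n):
        recovered.append(state)
        state = lcg_unstep(state)
    return recovered[::-1]


# --- Toy generator 2: hash ratchet (assumed construction)
def _h(tag: bytes, state: bytes) -> bytes:
    return hashlib.sha256(tag + state).digest()


def ratchet_outputs(seed: bytes, n: int):
    """output_i = H('out' || state_i); state_{i+1} = H('next' || state_i).
    The state update is a one-way function: a captured state_n lets the
    attacker predict every future output, but recovering output_{n-1}
    would require a SHA-256 preimage of state_n."""
    state, outs = seed, []
    for _ in range(n):
        outs.append(_h(b"out", state))
        state = _h(b"next", state)
    return outs, state


def ratchet_predict_next(captured_state: bytes) -> bytes:
    """Forward prediction from a captured state (both toys allow this;
    only the ratchet denies the backward direction)."""
    return _h(b"out", captured_state)


if __name__ == "__main__":
    outs, final = lcg_outputs(seed=12345, n=4)
    print("LCG past recovered from state:", lcg_recover_previous(final, 4) == outs)
    r_outs, r_state = ratchet_outputs(b"constructed seed", 4)
    print("ratchet next output predicted:",
          ratchet_predict_next(r_state) == ratchet_outputs(b"constructed seed", 5)[0][4])
```

The point of the comparison is the one the abstract makes: state compromise is the realistic threat for a non-cryptographic generator, and only a one-way state update keeps the outputs already handed out (for example, the choices a reservoir sampler has already made) out of the attacker's reach.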
Archived Files and Locations
application/pdf 448.2 kB
arxiv.org (repository), web.archive.org (webarchive)
arXiv: 1810.02227v1