PseudoRandom Number Generation

1
Pseudo-Random Number Generation

• Generate a random number
• not truly random, but uniform in the space of the
  numbers, so, pseudo.
• Using a pseudo-random bit generator
• There is a seed.
• for any given seed, the sequence of random bits
  generated is same
• Given seed is random, then the generated bits
  look like truly random.
• Many applications
• One-time pad
• Cryptographic keys
• Cryptosystems and security protocols
• Others Monte Carlo algorithm, simulation,
  sampling, testing

2
Typical PRNGs

• LFSR a k-bit seed, an LFSR of degree k will
  produce as many as 2k-k-1 bits.
• Not random length
• Insecure (a 2k bits are enough to break the
  system)
• Linear Congruential Generator
• M, a,b (0lta,bltM-1), k1?log M?, 0?s0 ?M-1 is
  seed
• si(asi-1b) mod M
• f(s0)(z1,z2,,zn), where zisi mod 2.
• Use cryptosystems as PRNG
• Output feedback mode of block cipher
• RSA, DL problem

3
RSA based PRNG generator

• Suppose p,q are two (k/2) bit primes, npq
• gcd(?(n),b) 1 and n, b are public
• For any seed s0?Zn, (s0 has k bits) define
• Si1sib mod n
• f(s0)(z1,z2,,zl), where zisi mod 2.
• Called (k,l)-RSA generator.

4
Objectives of PRNG

• Fast
• some very fast, such as LFSR, but not sure
• suitable for simulation usage
• Secure
• Intuitively, it is impossible in an amount of
  time that is polynomial in k (or l) to
  distinguish a string of l bits produced by a PRNG
  from a string of l truly random bits.
• They may conflict