Abstract
In our paper, we analyze possibilities to generate true random data in mobile devices such as mobile phones or pocket computers. We show how to extract arguably true random data with a probability distribution ε = 2− 64 close to the uniform distribution in the trace distance. To postprocess the random data acquired from the camera we use a randomness extractor based on the Carter-Wegman universal2 families of hashing functions. We generate the data at the bit rate approximatively 36 bits per second – we used such a low bit rate only to allow statistical testing at a reasonable level of confidence.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Barak, B., Shaltiel, R., Tromer, E.: True random number generators secure in a changing environment. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 166–180. Springer, Heidelberg (2003)
Carter, J.L., Wegman, M.N.: Universal hash functions. Journal of Computer and System Sciences 18, 143–144 (1979)
Goldberg, I., Wagner, D.: Randomness and the Netscape Browser. Dr. Dobb’s Journal, Special issue on Encoding: Encryption, Compression, and Error Correction (1996)
Impagliazzo, R., Levin, L.A., Luby, M.: Pseudorandom generation from one-way functions. In: Proceeding of the 21st ACM Symposium on Theory of Computing (1989)
Impagliazzo, R., Zuckerman, D.: How to recycle random bits. In: Proceedings of the 30th IEEE Symposium on Foundations of Computer Science, pp. 248–253 (1989)
Klingsheim, A.N., Moen, V., Hole, K.J.: Challenges in Securing Networked J2ME Applications. Computer 40, 24–30 (2007)
Krhovjak, J., Svenda, P., Matyas, V.: The Sources of Randomness in Mobile Devices. In: Proceeding of the 12th Nordic Workshop on Secure IT Systems, Reykjavik University, pp. 73–84 (2007)
Lowe, G.: OpenSSL Security Advisory – OpenSSL FIPS Object Module Vulnerabilities (2007), http://www.openssl.org/news/secadv_20071129.txt
Bello, L.: Debian Security Advisory – OpenSSL predictable random number generator (2008), http://www.debian.org/security/2008/dsa-1571
Shaltiel, R.: Recent Developments in Explicit Constructions of Extractors. Bulletin of the EATCS 77, 67–95 (2002)
Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 313–328. Springer, Heidelberg (1996), http://www.shoup.net/papers/macs.pdf
Simonsen, K.I.F., Moen, V., Hole, K.J.: Attack on Sun’s MIDP Reference Implementation of SSL. In: Proceeding 10th Nordic Workshop on Secure IT Systems, Tartu University, pp. 96–103 (2005)
Srinivasan, A., Zuckerman, D.: Computing with very weak random sources. SIAM Journal on Computing 28(4), 1433–1459 (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bouda, J., Krhovjak, J., Matyas, V., Svenda, P. (2009). Towards True Random Number Generation in Mobile Environments. In: Jøsang, A., Maseng, T., Knapskog, S.J. (eds) Identity and Privacy in the Internet Age. NordSec 2009. Lecture Notes in Computer Science, vol 5838. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04766-4_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-04766-4_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04765-7
Online ISBN: 978-3-642-04766-4
eBook Packages: Computer ScienceComputer Science (R0)