Paper 2022/120

Practical Seed Recovery of Fast Cryptographic Pseudo Random Number Generators

Florette Martinez

Abstract

Trifork is a family of pseudo-random number generators described in 2010 by Orue et al. It is based on Lagged Fibonacci Generators and has been claimed as cryptographically secure. In 2017 was presented a new family of lightweight pseudo-random number generators: Arrow. These generators are based on the same techniques as Trifork and designed to be light, fast and secure, so they can allow private communication between resource-constrained devices. The authors based their choices of parameters on NIST standards on lightweight cryptography and claimed these pseudo-random number generators were of cryptographic strength. We present practical implemented algorithms that reconstruct the internal states of the Arrow generators for different parameters given in the original article. These algorithms enable us to predict all the following outputs and recover the seed. These attacks are all based on a simple guess-and-determine approach which is efficient enough against these generators. We also present an implemented attack on Trifork, this time using lattice-based techniques. We show it cannot have more than 64 bits of security, hence it is not cryptographically secure.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
cryptanalysispseudo-randomness
Contact author(s)
florette martinez @ lip6 fr
History
2022-02-09: received
Short URL
https://ia.cr/2022/120
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/120,
      author = {Florette Martinez},
      title = {Practical Seed Recovery of Fast Cryptographic Pseudo Random Number Generators},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/120},
      year = {2022},
      url = {https://eprint.iacr.org/2022/120}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.