UNDERSTANDING RANDOMNESS IN COMPUTING: TRUE AND PSEUDO-RANDOM NUMBER GENERATORS
Ключевые слова:
Random number generation, pseudo-random number generation, entropy, cryptography, simulations.Аннотация
Random number generation is a critical building block in computer science, underpinning applications in cryptography, simulations, secure communications, and statistical modeling. This paper presents a comprehensive overview of both true random number generators (TRNGs) and pseudo-random number generators (PRNGs)—two fundamentally different approaches to generating randomness. TRNGs rely on inherently unpredictable physical processes, such as thermal noise, radioactive decay, or quantum phenomena, to produce non-deterministic output. In contrast, PRNGs employ algorithmic methods that, while deterministic and reproducible, aim to simulate randomness from an initial seed value.
Библиографические ссылки
Chan, W. K. (2009). Random Number Generation in Simulation.
Gutterman, Z., Pinkas, B., & Reinman, T. (2006). Analysis of the Linux Random Number Generator.
Haahr, M. (2011). Introduction to Randomness and Random Numbers.
Marsaglia, G. (2005). Random Number Generators.
Schneier, B. (2007). Dual_EC_DRBG: A Case Study in Backdoors.
Sunar, B., Martin, W., & Stinson, D. (2006). A Provably Secure True Random Number Generator.
Barker, E., & Kelsey, J. (2015). Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised). NIST Special Publication 800-90A Rev. 1. https://doi.org/10.6028/NIST.SP.800-90Ar1
Eastlake, D., Schiller, J., & Crocker, S. (2005). Randomness Requirements for Security. RFC 4086. https://www.rfc-editor.org/rfc/rfc4086
Microsoft. (2023). Cryptography API: Next Generation. Microsoft Docs. https://learn.microsoft.com/en-us/windows/win32/seccng/cng-portal
Microsoft. (2023). BCryptGenRandom function (bcrypt.h). Microsoft Docs. https://learn.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom
Linux Kernel Documentation. (2023). Random Number Generator. https://www.kernel.org/doc/html/latest/admin-guide/dev-random.html
Linux man-pages project. (2023). getrandom(2) – Linux manual page. https://man7.org/linux/man-pages/man2/getrandom.2.html
Apple Developer Documentation. (2023). SecRandomCopyBytes. https://developer.apple.com/documentation/security/1399291-secrandomcopybytes
Apple. (2020). Platform Security Guide. https://support.apple.com/guide/security/welcome/web
Gutterman, Z., Pinkas, B., & Reinman, T. (2006). Analysis of the Linux Random Number Generator. IEEE Symposium on Security and Privacy. https://doi.org/10.1109/SP.2006.26
Dorrendorf, L., Gutterman, Z., & Pinkas, B. (2007). Cryptanalysis of the Random Number Generator of the Windows Operating System. ACM CCS. https://doi.org/10.1145/1315245.1315274
Lacharme, P. (2012). Security flaws in Linux's /dev/random. https://eprint.iacr.org/2012/251
BSD Unix. (2022). arc4random and related APIs. https://man.openbsd.org/arc4random
Kelsey, J., Schneier, B., Ferguson, N. (1999). Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator. https://www.schneier.com/paper-yarrow.pdf
Dodis, Y., et al. (2013). Security Analysis of Pseudorandom Number Generators with Input: /dev/random is not Robust. ACM CCS. https://doi.org/10.1145/2508859.2516661
Intel Corporation. (2014). Intel® Digital Random Number Generator (DRNG) Software Implementation Guide. https://www.intel.com/content/www/us/en/content-details/671488/intel-digital-random-number-generator-drng-software-implementation-guide.html
National Institute of Standards and Technology. (2012). A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. NIST SP 800-22 Rev. 1a. https://doi.org/10.6028/NIST.SP.800-22r1a
Müller, T. (2013). Security of the OpenSSL PRNG. International Journal of Information Security, 12(4), 251–265. https://doi.org/10.1007/s10207-013-0213-7
Debian Security Advisory. (2008). Debian OpenSSL Predictable PRNG Vulnerability (DSA-1571). https://www.debian.org/security/2008/dsa-1571
