面向软件的随机数发生器设计和实现
Design and implementation of software oriented random number generator
彭金辉 1张志鸿2
作者信息
- 1. 郑州信大捷安信息技术股份有限公司 集成电路设计中心,河南 郑州 450004
- 2. 郑州大学 计算机与人工智能学院,河南 郑州 450001
- 折叠
摘要
为解决软件密码模块产品中随机数发生器的设计问题,特别是单一熵源的安全问题,提出一种通用的面向软件的随机数发生器方案.初始随机数采用系统熵池、本地随机数池和服务端采集的随机数3个熵源,其中系统熵池主要指当前操作系统下的环境噪音,本地随机池指加密保存的一次性真随机数,服务端采集的随机数由硬件随机数发生器产生.产生初始随机数的同时,软件密码模块完成对用户的身份认证,建立客户端和服务端之间的安全通道.给出安全通道分析和随机数质量分析.方案实现依赖操作系统和网络通信,适用于移动智能终端、嵌入式终端等多种设备.
Abstract
To solve the design problem of random number generator in software cryptographic module products,especially the security problem of single entropy source,a general software oriented random number generator scheme was proposed.The ini-tial random number used three entropy sources including the system entropy pool,the local random number pool and the random number collected by the server.The system entropy pool mainly referred to the environmental noise under the current operating system.The local random pool referred to the one-time true random number stored in encryption.The random number collected by the server was generated through the hardware random number generator.While generating the initial random number,the software password module completed the identity authentication of the user and established the secure channel between the client and the server.Safety channel analysis and random number quality analysis were given.The implementation of the scheme depends on the operating system and network communication,and is applicable to mobile intelligent terminals,embedded termi-nals and other devices.
关键词
随机数/软件密码模块/随机数发生器/软件随机数发生器/物理噪声源/操作系统熵池/熵值Key words
random number/software password module/random number generator/software random number generator/physical noise source/operating system entropy pool/entropy引用本文复制引用
基金项目
河南省重大科技专项基金项目(181200211200)
郑州市重大科技创新专项基金项目(2019CXZX0036)
出版年
2024
NETL
NSTL
万方数据