University Assignment: Pseudo-Random Number Generation and Security

Verified

Added on 2022/09/18

AI Summary

This document presents a comprehensive solution to a Pseudo-Random Number Generation (PRNG) lab assignment. The assignment explores various aspects of random number generation, including generating encryption keys, analyzing entropy, and comparing different sources of randomness like /dev/random and /dev/urandom. Task 1 investigates the impact of seeding the random number generator on key generation. Task 2 involves guessing an encryption key based on a timestamp. Task 3 and 4 measure and analyze the entropy of the system, observing how user actions (mouse movements, file access, and website activity) affect entropy values. Task 5 and 6 explore the generation of random numbers using /dev/urandom and assess their quality. The document includes code, observations, and screenshots to illustrate the findings, providing insights into the security implications of different random number generation methods.

Task1: Generate Encryption Key in a Wrong Way
The file wrong_key.c is created and executed without commenting the line 1:
Output:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

The line 1 is commented out and then the program is executed and the output of the program is shown
below:

When srand() is commented out then the program is generating same key on every execution whereas
when the srand() function was not commented then on each execution the key generated is different.
The purpose of srand function is to seed the random function, if srand is not present or not seeded the
rand function consider srand(1) and generates the random number. To seed with different value time
function is used, with the help time function everytime the program is seeded with different value and
generate pseudo random number. Similarly when srand(time(null)) in the program then everytime
different key is generated and when it commented then same value of key is generated as it consider
seed as 1 by default.
Task 2: Guessing the Key:
The first step to guess the key is to find the epoch value of 2019-04-17 23:08:49 (the timestamp of file)
and the key generation can be within two hours.
We got the epoch value as from “1524013729” to “1524020929”. Now will modify the code of Task 1 to
get all the keys within period of two hours and store in the key.txt file.
Copying all the keys to key.txt file as shown in the below snapshot:

Key.txt file:
Now the python program is created which loops on each key and create cipher text and compares cipher
text with the provided cipher text if match is found then the key is the encryption key:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Hence the encryption keys as below:
Task 3: Measure the Entropy of Kernel:
Running command “cat /proc/sys/kernel/random/entropy_avail” on the terminator, for everytime the
value of entropy on the system gives different results: with every execution the value of entropy
increase.

Now start running the above command using “watch” command which shows the entropy in every 0.1
seconds. During its execution mouse cursor is changed, file is read and website pages are opened using
Mozilla.
watch -n .1 cat /proc/sys/kernel/random/entropy_avail
When mouse cursor changed and mouse is clicked to minimize the terminator:
The value of entropy changes to 1864.
File is read then entropy is changed to 2623 as shown in the below snapshot:

Multiple website opened on the system and we found that the entropy value is high for that:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Activity on the web browser and file ready increase the value of entropy as observed by the above
activity.
Task 4: Get Pseudo-Random Numbers from /dev/random:
For this task the command is executed on and in parallel the entropy value is observed.
Command executed: “cat /dev/random | hexdump”;
If no mouse is moved then entropy value drop to single digit value – 8:
When the mouse is moved then the entropy value is increased again: (Slight movement of mouse
increases the entropy)

If mouse is moved very frequently then the value of entropy reaches to 63.
Observation: When the mouse is moved then the entropy is changed and also when any is pressed the
entropy is changed for higher value.
Explanation: This suggest that the entropy is linked with mouse movement and keyboard key presses.
So this can be concluded for higher change in entropy there will be high movement of random mouse
movement and key press.

Task 5 Get Random Numbers from /dev/urandom:
In this part the 1 megabyte pseudo random number from dev/urandom is written into the output.bin
file and then with the help of command “ent” the entropy is analyzed. As shown in the below snapshot.
In parallel the hexdump is also opened “cat /dev/urandom | hexdump”, whenever mouse pointer is
changed then it has impact hexdump file.
The output.bin is analyzed by using command ent output.bin.
Quality of random number:
The below snapshot shows the entropy value as 7.999836 which is good per byte and also the arithmetic
mean value is also good and 0.0 is uncorrelated. So the overall quality of Random number is good.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Task 6 Get random numbers using /dev/urandom.:
The code is modified to generate encryption key of 256 bit using /dev/urandom:
The output of the program: