Studies on the Computational Model of PRNG for Data Privacy Risk Mitigation in 5G Networks

Studies on the Computational Model of PRNG for Data Privacy Risk Mitigation in 5G Networks SergiyGnatyuk s.gnatyuk@yu.edu.kz Yessenov University

microdistrict 32, Main building 130000 Aktau Kazakhstan

National Aviation University

Liubomyra Huzara ave.1 03058 Kyiv Ukraine

State Scientific and Research Institute of Cybersecurity Technologies and Information Protection

Maksyma Zalizniaka str.3/6 03142 Kyiv Ukraine

DinaraOspanova Kazakh Humanitarian Juridical Innovative University

Lenin str, 11 070000 Semey Kazakhstan

VolodymyrLytvynenko Kherson National Technical University

Beryslavske shose 24 73008 Kherson Ukraine

ZhaziraAmirgaliyeva zh.amirgaliyeva@gmail.com Al-Farabi Kazakh National University

71 al-Farabi Ave 050040 Almaty Kazakhstan

NuraliNabotShohiyon Dangara State University

Markazi str. 25 735320 Dangara Tajikistan

Studies on the Computational Model of PRNG for Data Privacy Risk Mitigation in 5G Networks B65B1B7F70F856BBFA293F7D357682E1 GROBID - A machine learning software for extracting information from scholarly documents Computational Model, PRNG, Data Privacy, Risk, Algorithm, 5G Networks, Blockchain (N.N.Shohiyon) ORCID: 0000-0003-4992-0564 (S.Gnatyuk) 0000-0002-2206-7367 (D.Ospanova) 0000-0002-1536-5542 (V.Lytvynenko) 0000-0003-0484-8060 (Z.Amirgaliyeva) 0000-0003-2843-0945 (N.N.Shohiyon)

Today, pseudo-random number generators (PRNGs) are used in various systems and applications, including as key generators in stream ciphers, blockchain, game industry and others. The implementation of the latest information and communication technology (in particular, modern 5G networks) strengthens the requirements for privacy risk mitigation of critical data and forces the development of new methods and means for cryptographic security. In the paper, a computational model of PRNG was developed and studied. It allows to build efficient algorithms for privacy risk mitigation. Based on this model, software PRNGs have been developed and studied (speed and security parameters were verified). These will be useful for confidentiality ensuring and data privacy risk mitigation in modern 5G networks as well as blockchain technologies.

Introduction

Today randomness is an important unit in many modern computer applications (especially games, simulations, cryptography). Computers use a form of randomness known as pseudo randomness, it means simulation of randomness. A pseudo random event looks random but is completely predictable or deterministic (result of completely predictable mathematical algorithm). Pseudo-random number generator (PRNG) can be used as key generator in stream ciphers [1] to form large key sequence with small input data of PRNG. This generator creates bit sequence similar to random sequence by statistical parameters. In practice, these sequences are not random and can be reproduced -key sequence should be as longer as possible and variable. PRNG output must be the function of encryption key and it's very important for privacy ensuring. To generate random numbers by computer the hardware should be used (for example, noise from semiconductor devices; bits of digitized sound from the microphone; intervals between interruptions of external or internal devices; intervals between keystrokes; air temperature on hardware components). New communication standard 5G has improved requirements for confidentiality (privacy) as well as novel secure encryption algorithms and PRNG should be developed (Fig. 1) [2].

Related papers analysis

Analysis of related papers in this direction [3][4][5][6] shows different approaches in PRNG creation that influences on their characteristics and properties. There are two following categories of PRNGs: Most up-to-date cryptographic applications require random numbers, for example key generation, cryptographic nonces, salts in certain signature schemes, including ECDSA, RSASSA-PSS. The security and privacy of 5G is better than in 4G (Fig. 2) [7] by using many secure algorithms.

The main part of the research study

Theoretical principles of the model construction

On the basis of analysis, as a prototype of computational model well-known PRNG Trivium [8] was chosen. Trivium is a synchronous stream cipher designed by cryptographers C. De Cannière and B. Preneel to provide a flexible trade-off between speed and gate count in hardware, and reasonably efficient software implementation. Trivium was one of the eSTREAM competition winners and its recommended for using in modern communication networks as hardware unit. To improve PRNG Trivium following modifications were proposed:

1. Parameters n , t , e , k were specified and after their fixing new PRNG structure is forming (capacity of operations is changing). All operations are performing not on the bits but on the vectors of some size (bytes).

2. To improve non-linearity parameters substitution operation ( ) S x was specified. For any new formed PRNG new unique ( ) S x can be specified.

3. To generate pseudo-random sequences PRNG internal status vector i E , key vector for sequence generation K and index of the current iteration of forming (generation) i are used. 4. For generation function gen F stage of variables initialization was modified, the dynamic carry shift and substitution operations were specified.

S x . Computational model description Let , n t Z + ∈ , then for generation pseudo-random sequence M , M V N ∈ , { } 0,1 N V N ∈ with length N n t

= ⋅ bits it is necessary to form t sequences with length n bit: ( )

1 2 1

, , ..., ,

t t M m m m m − = , i n m V ∈ , 1, i t = .

Process of generation everyi m , i n m V ∈ , 1, i t =

performs in the following manner:

( ) 1 , , , i i gen i m E F E K i − = , 1, i t = ,

where i E is internal status vector of PRNG after generation i

-th i m , i e E V ∈ , e Z + ∈ , 0 E IV = , IV is initialization vector, e IV V ∈ , K is key vector for sequence generation, k K V ∈ , k Z + ∈ , gen F is function of generation the sequence i m . Function ( ) , ,

gen F E K i is performing by 2 following stages:

1) variables initialization;

2) sequence forming.

Stage 1 of function ( )

, ,

gen F E K i performing. At the beginning the processing of internal status vector is performing E , e E V ∈ :

( )

E S E i = <<< ,

where x y <<< is operation of right dynamic carry shift of argument x on y bits, ( ) S x is some substitution operation. Next the internal status vector E of PRNG and key vector K are disintegrated on 4 components:

( ) , , , a b c d E E E E E = , e E V ∈ , e a b c d = + + + , a a E V ∈ , b b E V ∈ , c c E V ∈ , d d E V ∈ , , , , a b c d Z + ∈ , ( ) , ,,a b c d K K K K K = , k K V ∈ , k a b c d ′ ′ ′ ′ = + + + , a a K V ′ ∈ , b b K V ′ ∈ , c c K V ′ ∈ , d d K V ′ ∈ , , , , a b c d Z + ′ ′ ′ ′∈ . Vectors a E , b E , c E , d E and a K , b K , c K , d K will be used in the next stage of the function ( ) , , gen F E K i . Stage 2 of function ( ) , ,

gen F E K i . On this stage the forming of sequence m , n m V ∈ is performing. For this objective 4 additional functions ( )

, , A a a F E K i , ( ) , , B b b F E K i , ( ) , , C c c F E K i і ( ) , , D d d

F E K i are using, where A F , B F , C F and D F are functions, that have internal status vector and key vector as input data, and sequence with length n bits as output data. These functions can be constructed on the base of non-linear shift registers, block and stream symmetric ciphers, hash functions and others.

In this case, process of sequence m ,

vectors a E , b E , c E , d E : ( ) , , , a A a a A E F E K i = , n A V ∈ , a a E V ∈ , ( ) , , , b B b b B E F E K i = , n B V ∈ , b b E V ∈ , ( ) , , , c C c c C E F E K i = , n C V ∈ , c c E V ∈ , ( ) , ,,d D d d D E F E K i = , n D V ∈ , d d E V ∈ .

Stage 2. Calculation of the new value internal status vector E ,

e E V ∈ : ( ) , , , b d a c E E E E E = . Stage 3. Formation of the sequence m , n m V ∈ : AB A B = <<< , n AB V ∈ , CD C D = <<< , n CD V ∈ , BC B CD = + , n BC V ∈ , AD AB D = ⊕ , n AD V ∈ , ()m AD S BC = ⊕ , n m V ∈ ,

where ⊕ і + are operations modulo addition 2 and 2 n respectively, ( )

S( ) ( ) , , , gen m E F E K i = .

In this Section computational model of PRNG was described. Based on PRNG Trivium, this model includes internal status vector and key vector processing, dynamic carry shift and 4 nonlinear functions. It allows to construct effective PRNGs for privacy ensuring in modern communication networks (5G networks and others).

Software PRNG development

On the basis of developed computational model 3 PRNGs 5Gen-1, 5Gen-2 and 5Gen-3 was constructed:

5Gen (by the order 8 different substitution tables are using).

Substitution S i , 0,7 i = is constructed with parameters, presented in Tables 2-9.

Experimental study and discussion

Statistical parameters investigation

Statistical parameters of developed PRNGs were investigated using traditional techniques NIST STS [9] and DIEHARD [13]. Given results were compared with testing results of generator BBS as well as stream ciphers SNOW [10] and Trivium (used in 5G networks). NIST STS are used to determine the qualitative and quantitative features of the sequences randomness. Three basic criteria are used to draw conclusions about passing random sequences of statistical tests are following:

 Criterion for decision-making based on the establishment of some threshold level.  Criterion based on establishing a fixed confidence interval.  Criterion for some appropriate statistical test probability value P-value.

The statistical test is based on the verification of null hypothesis H0 -that the sequence under study is random. Alternative hypothesis H1 is also provided -the sequence under study is not random. Therefore, the generated sequence is examined by a set of tests, each of which concludes whether the hypothesis H0 is rejected or accepted. For each test, adequate randomness statistics are selected based on which the hypothesis H0 is further rejected or accepted. Theoretically, the distribution of statistics for the null hypothesis is calculated using mathematical methods. The critical value is then determined from such an exemplary distribution. When performing the test, the value of the test statistic is calculated, which is compared to the critical value. In case of exceeding the test critical value over the reference, hypothesis H1 is accepted, otherwise -hypothesis H0.

For the experiments, the following input parameters were selected for the use of NIST STS:

1. The length of the test sequence n=10 6 bit.

2. The number of sequences being tested m=100. The confidence interval rule was applied, the lower bound being 0.96015. For every algorithms 10 files with sequences (100 Mbit) and investigated by NIST STS technique.

The results of testing are presented on Fig. 3-5. Results presented on Fig. 3-5 as well as detail experimental data (Table 11) show that developed algorithms 5Gen-1, 5Gen-2 and 5Gen-3 have passed complex control by NIST STS technique and show better results (in some cases) than existed and well-known algorithms [11][12]. Results presented on Fig. 6 show that developed algorithms have passed complex security control by DIEHARD technique as well as verified good quality of PRNG and statistical security of potential systems based on these algorithms [14][15][16].

Speed parameters investigation

For investigation developed PRNGs 5Gen-1, 5Gen-2, 5Gen-3 were realized as software tools using programming language С++. Given results were compared with results of well-known SNOW generator. Experimental study was carried out using work station Intel Core i3-3220 3.3GHz and files with different size. Average results are presented on the Table 12. As we can see from Table 12 speed of the developed algorithms are higher in comparison with SNOW till 21% outside two results of 5Gen-3 algorithm.

Conclusions

In this paper analysis of different approaches in PRNG creation and implementation was carried out. Two categories of PRNGs were defined (cryptographically secure and cryptographically insecure) as well cryptographic applications that require random numbers were defined (key generation, cryptographic nonces, salts in certain signature schemes). But there are many relevant tasks related with data privacy risk mitigation and confidentiality ensuring in 4G/5G that can be solved by advanced PRNG development and implementation. Computational model of PRNG was developed. Based on PRNG Trivium, this model includes internal status vector and key vector processing, dynamic carry shift and 4 non-linear functions. It allows to construct effective PRNGs for data privacy risk mitigation in modern communication networks (5G networks and others).

On the basis of developed computational model 3 PRNGs 5Gen-1, 5Gen-2 and 5Gen-3 was constructed and realized as software tools. These PRNGs have passed complex statistical testing by NIST STS technique as well as speed parameters investigation (developed algorithms are higher in comparison with SNOW till 21%).

Additionally, developed algorithms were investigated by DIEHARD technique (one of the best practice and traditional approach in cryptography for measuring quality of PRNG and statistical security). These algorithms have passed complex security control by DIEHARD technique as well as verified good quality of PRNG and statistical security of potential systems based on these algorithms.

Figure 1 :1Figure 1: Privacy ensuring procedures in different network communication standards

Figure 2 :2Figure 2: 4G/5G encryption comparison But there are many relevant tasks related with data privacy ensuring in 4G/5G that can be solved by PRNG development and implementation. From this viewpoint, the main target of this paper is development and study of the computational model of PRNG for data privacy risk mitigation in 5G networks.

Stage 1 .1and new value of internal status vector E , i will be follow: Formation of additional vectors A , B , C і D and calculation of new values of

4 .4Number of tests q=188, among them: Frequency − 1, Block Frequency − 1, Cumulative Sums − 2, Runs − 1, Longest Run − 1, Rank − 1, FFT − 1, Non Overlapping Template − 148, Overlapping Template − 1, Universal − 1, Approximate Entropy − 1, Random Excursions − 8, Random Excursions Variant − 18, Serial − 2, Linear Complexity − 1.

Figure 3 :Figure 4 :Figure 5 :345Figure 3: Statistical portrait of 5Gen-1 algorithm by NIST STS technique

Figure 6 :6Figure 6: Statistical testing results of 5Gen-3 algorithm by DIEHARD technique

, they can work in parallel. For synchronization and optimization of sequence generation procedure the speed of sequence generation should be something like similar.6. Final stage of sequence m forming and operation ordering were modified as well as the substitution operation was specified.Various PRNGs can be constructed by modification / fixing parameters n , t , e , k as wellcryptographically security)all specifying functions A F , B F , C F , D F and operation ( )5. For generation function gen F usage of independent functions A F , B F , C F and D F wasproposed, these functions depend on internal status vector of previous generation stage, keyvector K and index of current iteration of generation i . Output of the functions A F , B F , C Fand D F will be the data of necessary length (input and output data length will be different). Forany new formed PRNG new unique functions A F , B F , C F and D F can be specified. In fact,these functions are independent byte-oriented PRNGs (without requirements for

Table 1 .1-1 was constructed with following set of parametersn =128,a =128,b =100,c =111,d =173,e a b c d = + + + =512,a′ =128,b′ =128,c′ =128,d′ =128,

Table 22Parameters for substitution table0S construction for 5Gen-2 algorithmMCV{ 29, 52, A4, 49, 92, 25, 4a, 94 }07D8

Table 33Parameters for substitution table1S construction for 5Gen-2 algorithmMCV{ 70, E0, C1, 83, 7, E, 1C, 38 }A244

Table 44Parameters for substitution table 2S construction for 5Gen-2 algorithmMCV{ 3E, 7C, F8, F1, E3, C7, 8F, 1F }72

Table 55Parameters for substitution table 3S construction for 5Gen-2 algorithmMCV{ E3, C7, 8F, 1F, 3E, 7C, F8, F1 }439B

Table 66Parameters for substitution table4S construction for 5Gen-2 algorithmMCV{ E5, CB, 97, 2F, 5E, BC, 79, F2 }A08C

Table 77Parameters for substitution table 5S construction for 5Gen-2 algorithmMCV{ AB, 57, AE, 5D, BA, 75, EA, D5 }7BC6

Table 88Parameters for substitution table 6S construction for 5Gen-2 algorithmMCV{ 91, 23, 46, 8C, 19, 32, 64, C8 }EDB0

Table 99Parameters for substitution table 7S construction for 5Gen-2 algorithmMCV{ F8, F1, E3, C7, 8F, 1F, 3E, 7C}18755Gen-3 was constructed with following set of parametersn =128,a =128,b =128,c =128,d =128,e a b c d = + + + =512,a′ =128,b′ =128,c′ =128,d′ =128,k a b c d ′ ′ ′ = + + + = ′512. A F , B F , C F and D F are functions based on AES-128 algorithm. Assubstitution ( ) S x the operation( ) S x=(( ) 63 s x 0, ...,( ) 0 s x 0)was used, wherex8 V j ∈ ,j =0,63, 0 S − підстановка на множині 8 V .Substitution 0 S is constructed with parameters, presented in Tables 10.

Table 1010Parameters for substitution table 0 S construction for 5Gen-3 algorithmMCV{ 20, 40, 80, 1, 2, 4, 8, 10}596B

Table 1111Results of statistical parameters investigation by NIST STS techniquePRNGTest total amount, where passed 99% sequences 96% sequencesBBS133.4 (70.96%)188 (100%)SNOW134.8 (71.70%)188 (100%)Trivium130.1 (69.20%)187.6 (99.78%)5Gen-1134.1 (71,32%)188 (100%)5Gen-2136.4 (72,55%)187.8 (99.89%)5Gen-3137.3 (73,03%)188 (100%)

Table 1212Results of speed parameters investigationPRNGFile 1, 1 МB t ,s v , МB/sFile 2, 10 МB t ,s v , МB/sFile, 100 МB t ,s v , МB/sSNOW0.01190.910.10793.461.0199.015Gen-10.009111.110.091109.890.88113.645Gen-20.010100.000.098102.040.92108.705Gen-30.01471.430.11289.290.99101.01

High-speed and secure PRNG for cryptographic applications ZHu SGnatyuk TOkhrimenko STynymbayev MIavich International Journal of Computer Network and Information Security 12 3 2020 Security Comparison Between Wi-Fi 6 and 5G Analysis of current methods of generating pseudorandom sequences SYevseyev RKoroliov MKrasnyanska Eastern-European Journal of Advanced Technology 3 4 2010 PRNG based on the variant logic WZYang ZJZheng 10.1109/ChinaCom.2012.6417476 7th International Conference on Communications and Networking in China 2012 Entropy global control for a chaos based PRNG RHobincu ODatcu CMacovei 10.1109/TSP.2019.8768818 International Conference on Telecommunications and Signal Processing (TSP) 2019 tatistical test on lightweight block cipher-based PRNG YS SRisqi SWindarta 10.1109/TSSA.2017.8272925 11th International Conference on Telecommunication Systems Services and Applications (TSSA) 2017 5G security is fundamentally better than LTE security but the attack surface is massively increased CDe Cannière BPreneel Report 2005/030 TRIVIUM -Specifications, eSTREAM, ECRYPT Stream Cipher Project 2005 Download documentation and software NIST STS A new stream cipher PEkdahl TJohansson Snow Proceedings of the First NESSIE Workshop the First NESSIE Workshop

NESSIE

2000 Experimental Study of Secure PRNG for Qtrits Quantum Cryptography Protocols SGnatyuk TOkhrimenko AFesenko Proceedings of the 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies (DESSERT 2020) the 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies (DESSERT 2020)

Kyiv, Ukraine

May 14, 2020 Further Analysis of PRNG-Based Key Derivation Functions JMMcginthy AJMichaels IEEE Access 7 2019 Design of a Dynamic Parameter-Controlled Chaotic-PRNG in a 65 nm CMOS process PSPaul MSadia MSHasan 10.1109/DCAS51144.2020.9330647 IEEE 14th Dallas Circuits and Systems Conference (DCAS) 2020 One-Dimensional Nonlinear Model for Producing Chaos ZHua YZhou 10.1109/TCSI.2017.2717943 IEEE Transactions on Circuits and Systems I: Regular Papers 65 1 2018. Jan MIavich AGagnidze GIashvili SGnatyuk VVialkova Lattice based Merkle CEUR Workshop Proceedings 2019 2470 Security analysis of a random number generator based on a double-scroll chaotic circuit SErgün 10.1109/ISCIT.2016.7751605 16th International Symposium on Communications and Information Technologies (ISCIT) 2016