【作者】 胡月；

【导师】 廖晓峰；

【作者基本信息】 重庆大学 ， 计算机系统结构， 2008， 博士

【摘要】 随机数发生器已在各个领域得到了非常广泛的应用,如进程调度、电子游戏、数值分析中的蒙特卡罗方法和统计抽样技术等。随机数发生器也是加密算法和协议的重要组成部分,对称加密的密钥和非对称加密的公钥/私钥对也需要随机生成。在许多加密协议中也要用到随机数发生器。随机数发生器通常分为两种:真随机数发生器(TRNGs)和伪随机数发生器(PRNGs)。真随机数发生器的熵源通常来自于真实的物理世界,如热噪声,大气噪声,放射性衰减甚至掷硬币。一般来说,合格的真随机数发生器产生的随机序列通常被认为是安全的。但是,设计更加便宜方便的真随机数发生器仍然是研究者努力的目标。本论文研究选择了以鼠标轨迹和手写签名为代表的生物特征(主要是人类行为特征)作为随机数发生器的熵源,并结合图像加密、Hash函数、信号处理等不同领域的算法,以此设计出新颖的、便利的随机数发生器。本论文的主要工作包括:①提出并研究了基于生物特征的真随机数发生器的设计方法。这种新颖的随机数发生器的优点是便宜、方便且在PC机上具有通用性。同时,这种随机数发生器很容易作为组件与生物特征认证系统和生物特征密码系统方便地进行集成。②设计了基于图像加密和鼠标轨迹图的真随机数发生器。论文对多种图像加密算法产生随机序列的性能进行了分析、研究和实验,为了提高随机序列的产生速度,较为深入地讨论了分块加密模式下图像加密算法的扩散性,并给出了实现严格雪崩效应的理论最少迭代轮数,从而提出了“不碰撞扩散”的思路。基于该思路,设计了两个新的算法,实验对比表明,新算法在速度、敏感性和随机性测试中表现出了良好的性能。③设计了基于Hash函数和鼠标轨迹序列的真随机数发生器。通常Hash函数在处理数据方面快于图像加密算法,且Hash值本身也具有随机性。混沌Hash函数能够帮助消除同一个用户的鼠标轨迹中的相似模式。论文给出了真随机数发生器的算法框架,采用不同的混沌Hash函数进行对比,并改进了其中一种算法。实验证明,基于改进算法的随机数发生器产生的序列具有良好的随机性。④研究了基于在线手写签名的随机数发生器。传统的生物特征认证系统是最大程度提取生物特征的相似模式,抛弃随机性,与之相反,本论文研究着重于提取和放大隐藏于生物特征中的随机信号,从而生成随机性良好的随机序列。在对不同的生物特征、信号处理方法和数位提取方法进行了大量实验的基础上,提出了三种基于信号特征提取的真随机数发生器。该方法生成的随机性序列通过了NIST的部分测试。同时实验结果表明,这类算法的速度明显快于采用图像加密和部分Hash算法产生随机序列。⑤将基于手写签名的真随机数发生器应用在一类生物特征密码系统——模糊保险箱里。其数据处理算法采用了基于TD-ERCS的Hash函数。为了提高算法的性能,对TD-ERCS进行了改进。理论分析和实验结果表明,与本论文提出的所有算法和一些经典算法相比,基于改进TD-ERCS的随机数发生器产生随机序列的速度最快。生成的随机序列通过了所有统计测试。最后,在基于Windows mobile的PDA上实现了这款基于手写签名的真随机数发生器。最后对论文进行了总结,并给出了论文的不足和今后研究工作的方向。更多还原

【Abstract】 Random number generators are widely used in various computer applications such as processes schedule, electronic games, Monte-Carlo methods on numerical analysis and statistical sampling techniques. Moreover, it is a necessary component for cryptographic algorithms and protocols. the keys for symmetric cryptosystems or the public/private key pairs for asymmetric cryptosystems should be generated randomly. RNGs are also used to create challenges, nonces, padding bytes, and blinding values in many cryptographic protocols. There are two basic types of generators used to produce random sequences: true random number generators (TRNGs) or pseudorandom number generators (PRNGs). TRNGs are usually based on physical phenomena such as thermal noise, atmospheric noise, radioactive decay and even coin-tossing. They are considered to generate random sequences with a higher security. However, it is still hard to find cheap and convenient TRNGs. In this paper, a novel type of TRNGs is proposed and researched, which is based on biometric characteristics, especially the mouse movement and handwriting signature of a specific user. Some of the conclusions of this paper are listed as follows.First of all, the new type of TRNGs based on biometric characteristics are proposed and discussed. As far as we know, such TRNGs are researched for the first time. It is cheap, convenient and universal for the personal computer (PC) platform. Furthermore, such TRNG can be easily integrated with biometric cryptosystems.Secondly, the images encryption algorithms are advised to process the mouse movements traces for the construction of TRNG and production of random numbers. To improve the processing speeds, the diffusion characteristics of image encryption algorithms are studied deeply. Several image encryption algorithms are tested for the generation of random numbers, and two new proposed algorithms perform better than others in sensitivity and randomness test.Thirdly, several TRNGs based on mouse movement and hash function are proposed and compared. Hash functions can process data faster usually than encryption algorithms and the hash value is also presented random-like properties. The discretized chaotic maps inside hash functions help a lot to eliminate the common patterns among mouse movements caused by the habit of the same user. Experiments show that the revised hash function based on chaotic tent map passes all 15 NIST statistical tests while achieve satisfactory processing speed.Fourthly, TRNGs based on human handwriting signatures are studied. In contrast to signature verification techniques, where the similarity of a person’s signature is extracted, the diversity of the signatures for the same user becomes more interesting for the extraction of randomness. After a great amount of attempt with different signature features, signal processing approaches, and bit extraction methods, three TRNGs based on signature feature extraction are determined, which are demonstrated fast and effective.Fifthly, a TRNG based on handwriting signature is integrated with fuzzy vault biometric cryptosystem. The signature is processed by a hash function based on improved TD-ERCS. The theoretical analysis and experiments show that such TRNG has the highest speed than those based on image encryption algorithms or hash functions. This TRNG is also implemented on a window mobile PDA.Finally, the dissertation is concluded. Some problems as well as further work are also given.更多还原