pseudorandom number generator based on arnold cat map and ... · this system can be represented...
Post on 02-Oct-2020
2 Views
Preview:
TRANSCRIPT
Turk J Elec Eng & Comp Sci
(2017) 25: 633 – 643
c⃝ TUBITAK
doi:10.3906/elk-1507-253
Turkish Journal of Electrical Engineering & Computer Sciences
http :// journa l s . tub i tak .gov . t r/e lektr ik/
Research Article
Pseudorandom number generator based on Arnold cat map and statistical
analysis
Erdinc AVAROGLU∗
Department of Computer Engineering, Faculty of Engineering, Mersin University, Mersin, Turkey
Received: 30.07.2015 • Accepted/Published Online: 05.02.2016 • Final Version: 24.01.2017
Abstract:Pseudorandom number generators (PRNGs) generate random bit streams based on deterministic algorithms.
Any bit stream generated with a PRNG will repeat itself at a certain point, and the bit streams will become correlated.
As a result, all bit streams generated in this manner are statistically weak. Such weakness leads to a strong connection
between PRNGs and chaos, which is characterized by ergodicity, confusion, complexity, sensitivity to initial conditions,
and dependence on control parameters. In this study, we introduce a PRNG that generates bit sequences by sampling two
Arnold cat map outputs. The statistical randomness of bit streams obtained using this PRNG was verified by statistical
analyses such as the NIST test suite, the scale index method, statistical complexity measures, and autocorrelation. The
generated bit streams successfully passed all the analytical tests and can be safely used for the many applications of
randomness.
Key words: Pseudorandom number generator, Arnold cat map, NIST statistical test, scale index, statistical complexity
measure, autocorrelation
1. Introduction
Randomness means being unknown with any certainty. In other words, it means unpredictability in cryptog-
raphy and a lack of relationship between samples in statistics [1,2] . Random numbers, on the other hand,
are numbers that are generated with equal probability so that there is no correlation between the numbers.
Random numbers have been widely used in the fields of simulation, sampling, numerical analysis, decision-
making, entertainment, computer programming, and cryptography. Random numbers must be unpredictable
and irreproducible (nonperiodic) with good statistical properties and uniform distribution [3].
Various number generators such as pseudorandom number generators (PRNGs), true random number
generators (TRNGs), and hybrid random number generators have been developed to generate random numbers.
TRNGs generate random numbers by using a physical process as a source of noise. A hybrid random number
generator is a random number generator that uses random numbers generated by a TRNG as a seed in a PRNG
[4]. A PRNG uses a seed obtained from a source of entropy as the random input and generates bit streams
that cannot be distinguished from those generated by TRNGs by means of calculations. Since these generators
are deterministic, the output value cannot exceed the seed value introduced. Moreover, their streams repeat
themselves after a while, which means that the system is periodic. A nonperiodic system requires a rather large
memory. However, this requirement causes the system to slow down. The system safety of PRNGs depends on
the unpredictability of seeds and the complexity of the functions used in the system. Moreover, the parameters of
∗Correspondence: eavaroglu@gmail.com
633
AVAROGLU/Turk J Elec Eng & Comp Sci
the functions must be carefully selected. The algorithms used by PRNGs include linear feedback shift registers,
midsquare methods, and linear congruential generators [3]. Aside from these generators, chaos, particularly, is
used to generate random numbers in PRNGs due to its properties. These are [5]:
• Ergodicity and confusion
• Sensitivity to initial condition/control parameter
• Deterministic dynamics (deterministic processes lead to random-like (pseudorandom) behaviors)
• Structure complexity and algorithm complexity
Dependence on extreme initial conditions makes chaotic systems very attractive for PRNGs. Chaos is used
for many PRNG designs such as piecewise linear maps [6–9], logistic maps [10,11], and z-logistic maps [12].
In recent studies, the design of chaos-based PRNGs continues. Sun and Lu designed a PRNG system based
on spatial chaotic maps for cryptographic use [13]. Patidar et al. developed a PRNG design that generates
bit streams through a comparison of outputs obtained with two chaotic standard maps with different initial
conditions [14]. Guyeux et al. developed a PRNG design based on chaotic iterations and a combination of
XORShift and ISAAC generators [15], and Pareek et al. developed a PRNG design based on a cross-coupled
chaotic tent map [16]. Lopez et al. developed a PRNG design based on coupled chaotic map (a modification
of a piecewise linear map) [17]. For the PRNG design offered in [18], deterministic chaotic systems were used.
Using three logistic maps, Francois and Defour modified Patidar’s [14] PRNG design based on two logistic maps
and showed that their results were more successful [19]. Francois et al. made PRNG designs composed of a
chaotic logistic map [20] and a mixture of three chaotic maps [21].
These studies indicate a strong link between chaos and PRNGs. Especially for PRNG design, chaotic
maps have been used most. This is because a chaotic map is fast and iterative. Therefore, this study introduces
a PRNG design based on a chaotic Arnold cat map. Using two Arnold cat maps, a bit stream was generated by
passing the random numbers through the compare section. An output bit stream was generated by sampling
the generated bit streams according to the selection rule in the sampler section. The NIST 800-22 test suite
was used to verify that the bit stream generated is statistically random. In addition, the scale index method,
statistical complexity measures, and a correlation test were used to determine whether the generated bit streams
are nonperiodic and correlated.
This article is organized as follows: Section 2 introduces the Arnold cat map. Section 3 describes the
PRNG design. Section 4 describes the statistical analyses used with the generated bit streams and presents the
results of these analyses. Finally, Section 5 evaluates these results.
2. Arnold cat map
Recently, chaos has been commonly used in random number generators [22–26]. This is because the generation
and storage of chaotic number streams has proven to be fast and easy and does not require storing long number
streams. Only a few functions (chaotic maps) and a few parameters (initial conditions) are sufficient even for
very long streams. Moreover, it is possible to generate a large number of number streams easily by simply
changing the initial conditions. These advantages have led to using chaos as a random number generator [27].
This study used the Arnold cat map discovered by Arnold and Avez [28]. The map is named after
Vladimir Arnold, who demonstrated its effects in the 1960s using an image of a cat, as in Figure 1.
634
AVAROGLU/Turk J Elec Eng & Comp Sci
Figure 1. Arnold cat map [29].
To define the Arnold cat map, we first need to define a torus and phase space. A torus is the surface
obtained by revolving a circle in three-dimensional space around a disconnected axis that is coplanar with the
circle. A phase space represents all possible states of a system, and each state corresponds to one unique point.
The map can be now defined as a discrete system in which the trajectories in phase space are stretched and
folded to obtain a torus. The mathematical definition of the Arnold cat map is shown in Eqs. (1)–(4).
Let X =
[xy
]. X is an n×n matrix, and the Arnold cat map transformation is as follows:
Γ :
[xy
]→[
1 11 2
] [xy
]modn =
[1 01 1
] [1 10 1
] [xy
]modn (1)
Γ : (x, y) −→ (x+ y, x+ 2y)modn (2)
This system can be represented like this:
xm = (2xm + ym)modn (3)
ym = (xm + ym)modn (4)
Since this is a chaotic map, made of a discrete system, it expresses the dynamics of chaos. The initial conditions
will affect the map, and its outputs will appear to be random.
3. The proposed PRNG
A random number generator is a tool, a natural source or an algorithm. The random numbers generated by a
random number generator are expected to be unpredictable and irreproducible with good statistical properties.
Some generators use natural sources (nondeterministic), while others use specific algorithms (deterministic).
Any bit stream generated with a deterministic system will repeat itself at a certain point, and the bit streams
will become correlated. As a result, all bit streams generated in this manner are statistically weak. To resolve
these problems, this section introduces a PRNG that uses the Arnold cat map. Figure 2 shows the proposed
PRNG design.
635
AVAROGLU/Turk J Elec Eng & Comp Sci
Figure 2. The proposed PRNG design.
The proposed PRNG is composed of three sections: the random number generation section, the compare
section, and the sampler section. In the random number generation section, Arnold cat map 1 and Arnold cat
map 2 use different initial conditions to generate random numbers. In this study, random bit streams were
generated for 100 different initial conditions and then they were analyzed. However, for the results presented
in this article the initial conditions are x0 = 0.9, y0 = 0.4, z0 = 0.3, and w0 = 0.6, and mod 1 is used since
we want the generated numbers to be in the range of [0, 1].
The bit stream is generated by comparing the random numbers generated in the random number
generation section in the compare section following the rules given in Eqs. (5) and (6).
For Arnold cat map 1: g (xm+1, ym+1) =
{1 if xm+1 ≥ yn−1
0 if xm+1 ≤ yn−1
}(5)
For Arnold cat map 2: g (zm+1, wm+1) =
{1 if zm+1 ≥ wn−1
0 if zm+1 ≤ wn−1
}(6)
Here, n is the length of the bit stream.
In the sampler section, the bit streams generated in the compare section are sampled by using the sampler
rule in Eq. (7) to obtain the output bit stream b i .
sampler rule =
{bi if ai = 1
discard if ai = 0
}(7)
Table 1 shows an example of the sampler rule in use.
Table 1. Example for sampler rule.
ai: Generated bit stream with Arnold cat map 1 10111000111011010110111010bi: Generated bit stream Arnold cat map 2 00101101110011110101010111Sampler rule 0 -101 — 110 -11- 1-10- 010- 1-Output bit stream 0101110111100101
636
AVAROGLU/Turk J Elec Eng & Comp Sci
4. Statistical analysis
Any bit stream generated by PRNGs is expected to be highly random, unpredictable, irreproducible, and
uncorrelated. These properties, however, must be analyzed carefully. This section analyzes the bit stream
generated by the proposed PRNG.
4.1. Randomness test (NIST test suite)
The applicable statistical tests are used to determine whether a generated bit stream is random or not. For
this purpose, various test suites such as FIPS140 [30], NIST [1], Diehard [31], TestU01 [32], and others have
been developed. The best test known to date is the NIST 800-22 test suite released by the National Institute
of Standards and Technology. The NIST 800-22 test suite includes 15 tests and requires success in all of these
tests. The studies of PRNGs with chaotic maps in the literature are declared successful when they pass all the
NIST tests successfully. In this study, the bit streams generated by Arnold cat map 1 and Arnold cat map 2
did not pass all 15 tests. However, the bit streams obtained by sampling the bit streams from Arnold cat map
1 and Arnold cat map 2 according to the sampler rule did successfully pass the entire NIST test suite. The
test results obtained are presented in Table 2. Table 2 also contains the NIST test success rate of bit streams
generated from 100 different initial conditions.
4.2. Scale index method
The scale index technique was proposed by Benitez [33]. This technique enables the obtaining of information
about the periodic nature of generated number series. The technique, which depended on the continuous wavelet
transform (CWT) and wavelet multiresolution analyses, is given below [34]. The scale s and f at time u in the
CWT and scalogram are defined as shown in Eqs. (8) and (9) [24,33,34].
Wf (u, s) := ⟨f, ϕu,s⟩ =∫ +∞
−∞f(t)ϕ∗u,s(t)dt (8)
S (s) := ||Wf(u, s)|| =(∫ +∞
−∞|Wf(u, s)|2du
)(9)
S(s) is the CWT’s energy. The inner scalogram is defined by Eq. (10).
Sin (s) :=||Wf(u, s)||j(s) =
(∫ d(s)
c(s)
|Wf(u, s)|2du
)2
(10)
Here, J(s) = [c(s), d(s)] ⊆ I indicates the maximal subinterval in I. The support of ψu,s is included in I for all
u ϵ j(s). Sin as defined in Eq. (11) is normalized.
Sin (s) =Sin(s)
(d (s)− c (s))12
(11)
The scale index of f in the scale interval [s0, s1] can be described as shown in Eq. (12).
iscale :=S(smin)
S(smax)(12)
637
AVAROGLU/Turk J Elec Eng & Comp Sci
Table 2. NIST test results of the proposed PRNG and success rates for 100 different initial conditions.
Arnold cat map 1 Arnold cat map 2 Output bit streams (b )i
Success rates for
100 di"erent initial
conditions
Test P-value Result P-value Result P-value Result Proportion
Frequency - Not passed 0.980 Passed 0.664 Passed 0.95
Frequency test within a Block - Not passed 0.117 Passed 0.222 Passed 0.95
Runs - Not passed 0.283 Passed 0.241 Passed 0.95
Test for the longest run of ones in a block - Not passed - Not passed 0.904 Passed 0.95
Binary matrix rank 0.988 Passed 0.456 Passed 0.315 Passed 0.95
Discrete Fourier transform - Not passed 0.024 Passed 0.400 Passed 0.95
Nonoverlapping template matching - Not passed - Not passed 0.030 Passed 0.90
Overlapping template matching - Not passed - Not passed 0.854 Passed 0.90
Maurer’s universal statistical - Not passed 0.200 Passed 0.257 Passed 0.90
Linear complexity 0.153 Passed 0.295 Passed 0.030 Passed 0.95
Serial 1 - Passed - Passed 0.104 Passed 0.95
Serial 2 - 0.203 Passed 0.207 Passed 0.95
Approximate entropy - Not passed - Not passed 0.694 Passed 0.90
Cumulative sums - Not passed 0.992 Passed 0.902 Passed 0.90
Random excursion - Not passed
–4
–3
–2
–1
1
2
3
4
0.028
0.131
0.053
0.014
0.266
0.618
0.968
0.580
Passed
–4
–3
–2
–1
1
2
3
4
0.796
0.663
0.846
0.829
0.187
0.939
0.576
0.907
Passed 0.90
Random excursion variant - Not passed
–9
–8
–7
–6
–5
–4
–3
–2
–1
1
2
3
4
5
6
7
8
9
0.228
0.545
0.956
0.798
0.761
0.895
0.823
0.990
0.845
0.728
0.483
0.415
0.501
0.398
0.374
0.434
0.505
0.748
Passed
–9
–8
–7
–6
–5
–4
–3
–2
–1
1
2
3
4
5
6
7
8
9
0.982
0.814
0.636
0.579
0.716
0.600
0.569
0.959
0.820
0.699
0.947
0.625
0.952
0.655
0.681
0.845
0.943
0.942
Passed 0.90
iscale should be in the range of 0 ≤ iscale ≤ 1. If the iscale obtained from the proposed system is 0 or near 0,
the system is nonperiodic. If it is 1 or near 1, the system is defined as periodic.
The scale index plot of the 100 different bit streams obtained from the proposed PRNG is shown in
Figure 3. All the values are 1 or near 1. This shows that the bit streams are nonperiodic.
4.3. Statistical complexity measure
The statistical complexity measure (SCM), based on H-disorder and Q-disequilibrium, was introduced in
previous studies [34,35]. The SCM is a quantifier of the probability distribution P. The SCM is expressed
by Eq. (13).
638
AVAROGLU/Turk J Elec Eng & Comp Sci
Figure 3. Scale index plot of 100 different bit streams.
C[P ] = Q[P ] ∗H[P ] (13)
For the probability distribution P = {P i, I = 1. . . N} and its information measure S, the disorder H is defined
as in Eq. (14).
H[P ] = S[P ]/Smax (14)
Smax = S[Pe ], where Pe= [1/N, . . . , 1/N ] is the equilibrium distribution so that (0 < H[P ] < 1) is true. S is
the Shannon entropy as in Eq. (15).
S[P ] = −N∑1
Pi log2 Pi (15)
Q is defined as the distance in probability space. To calculate Q with Eq. (16), Euclidean distance (DE) is
used.
Q [P ] = QE [P, Pe] = Q(E)0 DE [P, Pe] = QE
0
N∑1
{Pi −
1
N
}2
(16)
Q(E)0 = N/(N − 1) such that 0 ≤ QE ≤ 1.
For nonperiodic streams, SCM and Q must be zero or near zero, while H[P] must be 1 or near 1.
The results of the SCM performed with 16-bit and 32-bit blocks of the bit streams obtained from the
proposed PRNG are presented in Figures 4 and 5, respectively.
The results show that for both the 16-bit and 32-bit blocks the SCM and Q are zero or near zero, while
H[P] is 1 or near 1. This shows that the generated bit stream is nonperiodic.
4.4. Autocorrelation test
Correlation is an indication of a linear relationship between two variables or more and has a value between +1
and –1. If the value is 0 or near 0, then there is no linear relationship between the variables. The aim of this
test is to check the correlation between the generated bit stream b i and its shifted version. We assume that d
is a constant integer and 1 ≤ d ≤ (n/2). The mathematical expressions of the test are given in Eqs. (16) and
(18) [36].
A (d) =n−d−1∑i=0
bi ⊕ bi+d (17)
639
AVAROGLU/Turk J Elec Eng & Comp Sci
Figure 4. The 16-bit statistical complexity measure results: (a) Shannon entropy, (b) disequilibrium, (c) statistical
complexity.
Figure 5. The 32-bit statistical complexity measure results: (a) Shannon entropy, (b) disequilibrium, (c) statistical
complexity.
Here, ⊕ is the XOR operator and n is the length of the bit stream. The following random variable is defined:
X5 =2 [A (d)− (n− d)/2]√
n− d(18)
If {b i} is a true random stream and n→ ∞ , this random variable has a normal distribution N(0, 1). Assuming
α = 0.05, if |X5 | < 1.6449, the test is successful [36].
The correlation test results for the proposed PRNG are shown in Table 3.
640
AVAROGLU/Turk J Elec Eng & Comp Sci
Table 3. Autocorrelation test results for the proposed PRNG.
Test D value X5 value Result
Autocorrelation
8 –0.175 Success10 0.363 Success13 –0.527 Success20 0.518 Success25 –0.857 Success100 0.576 Success500 –0.076 Success1000 –0.06 Success
5. Conclusion
This study introduces a PRNG design based on the Arnold cat map. The randomness of the bit streams
generated by the proposed PRNG were measured using specific analytical methods. The results of these analyses
show the bit streams generated by means of Arnold cat map 1 and Arnold cat map 2 did not pass the NIST tests,
but they managed to pass the tests successfully after sampling according to the proposed system’s sampler rule.
The bit streams generated were checked for nonperiodicity, and all 100 bit streams displayed nonperiodicity
in the scale index. Furthermore, the SCM results show that the system is not periodic. The final analysis
searched for a correlation between the zeros and ones in the generated bit stream and showed that there is no
such correlation. In conclusion, the bit streams generated by the proposed PRNG can be used in a variety of
applications. The analyses have shown that the proposed system can also be used in cryptographic systems
since it is simple and user-friendly and it can generate high-quality random number streams. The only drawback
of the proposed system is that the bit rate decreases after sampling.
References
[1] Rukhin A, Soto J, Nechvatal J, Smid M, Banks D. A statistical test suite for random and pseudorandom number
generators for statistical applications. Gaithersburg, MD, USA: NIST Special Publications on Computer Security,
2001.
[2] Kenny C, Mosurski K. Random Number Generators. Dublin, Ireland: Distributed Systems Group, Trinity College,
2005.
[3] Deng LY, Lin DKJ. Random number generation for the new century. Am Stat 2000; 54: 145-150.
[4] Hu Y, Liao X, Wong K, Zhou Q. A true random number generator based on mouse movement and chaotic
cryptography. Chaos Soliton Fract 2012; 40: 2286-2293.
[5] Gleick J. Chaos: Making a New Science. New York, NY, USA: Viking, 1987.
[6] Stojanovski T, Kocarev L. Chaos-based random number generators-part I: analysis [cryptography]. IEEE T Circuits-
I 2001; 48: 281-288.
[7] Shujun L, Xuanqin M, Yuanlong C. Pseudo-random bit generator based on couple chaotic systems and its applica-
tions in stream-cipher cryptography. Lect Notes Comp Sc 2001; 2247: 316-329.
[8] Fu SM, Chen ZY, Zhou YA. Chaos-based random number generators. Comput Res Dev 2004; 41: 749-754.
[9] Li XM, Shen HB, Yan XL. Characteristic analysis of a chaotic random number generator using piece-wise-linear
map. J Electron Inf Technol 2005; 27: 874-878.
[10] Bahi JM, Fang X, Guyeux C, Larger L. FPGA design for pseudorandom number generator based on chaotic iteration
used in information hiding application. Appl Math Inf Sci 2013; 7: 2175-2188.
641
AVAROGLU/Turk J Elec Eng & Comp Sci
[11] Rahimov H. Improving middle square method RNG using chaotic map. Appl Math 2011; 2: 482-486.
[12] Wang L, Wang FP, Wang ZJ. Novel chaos-based pseudo-random number generator. Acta Phys Sin 2006; 55: 3964-
3968.
[13] Sun F, Liu S. Cryptographic pseudo-random sequence from the spatial chaotic map. Chaos Soliton Fract 2009; 41:
2216-2219.
[14] Patidar V, Sud KK, Pareek NK. A pseudo random bit generator based on chaotic logistic map and its statistical
testing. Informatica 2009; 33: 441-452.
[15] Guyeux C, Wang Q, Bahi JM. Pseudo random numbers generator based on chaotic iterations: application to
watermarking. Web Inf Syst Min 2010; 6318: 202-211.
[16] Pareek NK, Patidar V, Sud KK. A random bit generator using chaotic maps. Int J Netw Secur 2010; 10: 32-38.
[17] Lopez ABO, Maranon GA, Estevez AG, Degano GP, Garcıa MR, Vitini FM. Trident, a new pseudo random number
generator based on coupled chaotic maps. Advances in Intelligent and Soft Computing 2010; 85: 183-190.
[18] Elsherbeny MN, Raha M. Pseudo – random number generator using deterministic chaotic system. International
Journal of Scientific & Technology Research 2012; 1: 95-97.
[19] Francois M, Defour D. A Pseudo-Random Bit Generator Using Three Chaotic Logistic Maps. Research Report.
Montpellier, France: LIRMM, 2013.
[20] Francois M, Defour D, Negre C. A fast chaos-based pseudo-random bit generator using binary64 floating-point
arithmetic. Informatica 2014; 38: 115-124.
[21] Francois M, Grosges T, Barchiesi D, Erra R. Pseudo-random number generator based on mixing of three chaotic
maps. Commun Nonlinear Sci Numer Simul 2014; 19: 887-895.
[22] Wang X, Qin X. A new pseudo-random number generator based on CML and chaotic iteration. Nonlinear Dyn
2012; 70: 1589-1592.
[23] Avaroglu E, Tuncer T, Ozer AB, Turk M. A new method for hybrid pseudo random number generator. J Micro-
electron Electron Compon Mater 2014; 44: 303-311.
[24] Avaroglu E, Tuncer T, Ozer AB, Ergen B, Turk M. A novel chaos-based post-processing for TRNG. Nonlinear Dyn
2015; 81: 189-199.
[25] Tuncer T, Avaroglu E, Turk M, Ozer AB. Implementation of non-periodic sampling true random number generator
on FPGA. J Microelectron Electron Compon Mater 2014; 44: 296-302.
[26] Ozkaynak F. Cryptographically secure random number generator with chaotic additional input. Nonlinear Dyn
2014; 78: 2015-2020.
[27] Alatas B, Akin E, Ozer AB. Chaos embedded particle swarm optimization algorithms. Chaos Soliton Fract 2009;
40: 1715-1734
[28] Arnold VI, Avez A. Problemes Ergodiques de la Mecanique Classique. Science 1968; 159: 1344-1344 (in French).
[29] Saratov Group. Classic Arnold’s Cat and Other Maps on a Torus. Saratov, Russia: Saratov Group, 2012. Available
online at http://www.sgtnd.narod.ru/science/cat/classic/eng/classic.htm.
[30] Rukhin A, Soto J, Nechvatal J, Smid M, Barker E, Leigh S, Levenson M, Vangel M, Banks D, Heckert A et al.
A Statistical Test Suite for Random and Pseudo Random Number Generators for Cryptographic Applications.
Gaithersburg, MD, USA: NIST, 2010.
[31] Marsaglia G. The Marsaglia Random Number CDROM Including the Diehard Battery of Tests of Randomness.
Available online at http://stat.fsu.edu/pub/diehard/.
[32] L’ecuyer P, Simard R. TestU01: A C library for empirical testing of random number generators. ACM T Math
Software 2007; 33: 22.
[33] Benıtez R, Bolos VJ, Ramırez ME. A wavelet-based tool for studying non-periodicity. Comput Math Appl 2010;
60: 634-641.
642
AVAROGLU/Turk J Elec Eng & Comp Sci
[34] Akhshani A, Akhavan A, Mobaraki A, Lim SC, Hassan Z. Pseudo random number generator based on quantum
chaotic map. Commun Nonlinear Sci Numer Simul 2014; 19: 101-111.
[35] Lopez-Ruiz R, Mancini HL, Calbet X. A statistical measure of complexity. Phys Lett A 1995; 209: 321-326.
[36] Menezes AJ, Oorschot PC, Vanstone SA. Handbook of Applied Cryptography. Boca Raton, FL, USA: CRC Press,
1996.
643
top related