
Random numbers generated by pseudo-random and true random number generators (TRNGs) are used in a wide variety of important applications. A TRNG relies on a non-deterministic source to sample random numbers. In this paper, we improve the post-processing stage of TRNGs using a heuristic evolutionary algorithm. Our post-processing algorithm decomposes the problem of improving the quality of random numbers into two phases: (i) Exact Histogram Equalization: it reshapes the distribution of the random numbers to match a specified output distribution; (ii) Stationarity Enforcement: using genetic algorithms, the output of (i) is permuted until the random numbers meet wide-sense stationarity. We ensure that the quality of the numbers generated by the genetic algorithm is within a specified level of error defined by the user. We parallelize the genetic algorithm for improved performance. The post-processing uses the power spectral density of the generated numbers as its quality metric. We propose guideline parameters for the evolutionary algorithm to ensure fast convergence, within the first 100 generations, with a standard deviation over the specified quality level of less than 0.45. We also include a TestU01 evaluation of the generated random numbers.

As we move toward the Big Data and exascale era, with the Internet and communication devices becoming ever more prevalent, cyber-security is becoming increasingly important. Many real-world computational science applications (in finance, medicine, and social networks, among others) produce tremendous amounts of data that not only require larger storage capacity, such as the Cloud, but also secure methods for protecting the data from harmful threats.

In recent years, different solution paths have been explored, such as new security models [

Over the past few years, with its increasing popularity and wide coverage, Cloud computing has become an important and frequent solution for the storage of Big Data. It brings many challenges to address, security being one of the newest. Among these new challenges, the combination of managing and storing the keys that provide access to a client's encrypted data can lead to multiple hazardous situations [

The poor key management problem is exacerbated by two important factors: accidental key replication and/or weak random number generation [

In general, random numbers are generated using a pseudo-random number generator (PRNG), a true-random number generator (TRNG) or a combination of both [

On the contrary, true random number generators provide a stronger solution. These generators use non-deterministic or unpredictable sources to generate random numbers, such as thermal, avalanche, or atmospheric noise. The random number generation process consists of two phases: extraction and post-processing. In the extraction phase, a non-deterministic source is sampled to extract the random numbers. These sampled values may not be completely unbiased or consistent. Therefore, in the post-processing phase, the extracted random numbers undergo a strenuous process that modifies them to satisfy the desired statistical properties; in other words, to ensure that the numbers are close to being independent and identically distributed (i.i.d.) with a uniform distribution [

In the literature, there are multiple types of sources, design and extraction techniques [

Intel introduced the Intel random number generator [

In [

In this paper, the post-processing algorithm proposed in [

The rest of this paper is organized as follows. In Section 2, we give a brief theoretical introduction to the properties of random numbers, their metrics, and algorithms. In Section 3, we present our TRNG framework. Section 4 presents the post-processing phase, which includes the genetic algorithm. Section 6 presents the results of the evaluations described in Section 5. Finally, in Section 7, we conclude our work and suggest future work.

Random numbers are numbers whose selection process reproduces the characteristics of an underlying distribution. Conceptually, a random number is generated from a random process with the intention of being nearly indistinguishable from truly random behavior [

distribution

using an IEEE 754 floating-point format. In general, a random number should meet two basic conditions to be considered random: have a uniform distribution and be unpredictable.

In order to observe the distribution of x, the probability mass function (p.m.f.), or

on three properties. The p.m.f. is always non-negative, it sums to 1.0 over all outcomes, and it can be used to calculate the probability of an event by adding the values of all the elements that compose that event. Under ideal conditions, x should follow a uniform distribution, as in the p.m.f. in

Likewise, in ideal conditions all elements of x should be uncorrelated. This can be observed as the absence of geometric patterns between pairs of contiguous realizations, like between

The autocorrelation is a mathematical tool that calculates the correlation between the elements of a sequence of numbers, like x. It is useful for identifying non-randomness in a sequence and for selecting an adequate time series model

[

where

When there is no lag or

autocorrelation function is bounded to

result in an impulse shape, as shown in

and uncorrelated at any other lag,
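As a concrete illustration of these properties (a minimal sketch using NumPy; the helper name is an assumption, not the paper's implementation), the sample autocorrelation of an i.i.d. uniform sequence approximates the impulse shape described above:

```python
import numpy as np

def autocorrelation(x):
    """Biased sample autocorrelation of a 1-D sequence, normalized so
    that lag 0 equals 1. For nearly i.i.d. numbers the result should
    approximate an impulse: 1 at lag 0, close to 0 at every other lag."""
    x = np.asarray(x, dtype=float)
    x = x - x.mean()
    n = len(x)
    r = np.correlate(x, x, mode="full")[n - 1:]  # keep lags 0..n-1
    return r / r[0]

rng = np.random.default_rng(0)
r = autocorrelation(rng.random(4096))
```

For 4096 uniform samples, all lags beyond 0 stay well below 0.1 in magnitude; a strong peak at a nonzero lag would flag periodic structure in the sequence.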

The execution of the autocorrelation function from (2) is a computationally expensive task that requires a total of

like the Welford method [

where in (3),

operation. As well in Equation (3), the variance,

This implementation guards against the loss of precision caused by catastrophic cancellation, even though it is slightly slower than the naive method,
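The one-pass update described above can be sketched as follows (a minimal illustration of Welford's method, not the paper's exact formulation):

```python
def welford(xs):
    """One-pass Welford update: maintains a running mean and the sum of
    squared deviations m2, so the variance never comes from subtracting
    two large, nearly equal sums (the source of catastrophic
    cancellation in the naive sum-of-squares method)."""
    mean, m2, n = 0.0, 0.0, 0
    for x in xs:
        n += 1
        delta = x - mean
        mean += delta / n
        m2 += delta * (x - mean)  # uses the updated mean
    return mean, (m2 / n if n else 0.0)  # mean and population variance
```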

Another useful tool for reviewing the uncorrelation of random numbers is the power spectral density. It relies on the fact that, through Fourier analysis, x can be decomposed into frequency components, describing the energy distribution per unit of frequency, a distinctive signature among sequences of numbers. The relation between the autocorrelation and the power spectral density is established by the Wiener-Khinchin theorem, which holds under the assumption that x is the output of a stationary process. The stationarity of random numbers will be addressed in the following subsection. For the moment, consider that the power spectral density function is formally defined as

where f denotes the frequencies at which the power spectral density is evaluated, and i is the imaginary unit. Its

implementation can follow the proposed algorithm in (3), which only involves

density of random numbers has a step function response at 1, as shown in
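As an illustration of this relationship, a periodogram estimate of the power spectral density can be computed directly with an FFT. The normalization by the sample variance is a choice made here for illustration, so that an ideal white sequence sits flat around 1:

```python
import numpy as np

def periodogram(x):
    """Periodogram estimate of the power spectral density via the FFT.
    Dividing by the sample variance (an illustrative choice) makes the
    spectrum of an ideal white sequence flat around 1."""
    x = np.asarray(x, dtype=float)
    x = x - x.mean()
    spec = np.abs(np.fft.rfft(x)) ** 2 / len(x)
    return spec / x.var()

rng = np.random.default_rng(1)
psd = periodogram(rng.random(8192))
```

For i.i.d. uniform samples the nonzero-frequency bins average close to 1, while any residual correlation shows up as an uneven energy distribution across frequencies.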

Another property relating the autocorrelation and the power spectral density is the distribution of the peaks found at

where r is the magnitude of elements in

where t is the frequency at which

the sensitivity of the metric, the computational intensity,

Also, the computational intensity can be evaluated in terms of the data size: the number of floating-point operations grows closely with the number of memory access operations,

In order to keep the definition of the random numbers consistent among realizations, the statistical characteristics also need to be constant. As discussed previously, the stationarity of the random number generation is a key concept here. Therefore, a stationary process is a process characterized by keeping its p.m.f. constant for any

displacement over the sample indexes, this is

strong-sense stationarity (s.s.s.). Likewise, i.i.d. processes are also s.s.s. Unfortunately, in most cases s.s.s. is not achievable; therefore, a less restrictive condition is used: wide-sense stationarity (w.s.s.), or covariance stationarity. A w.s.s. process requires only the mean and the autocorrelation to be constant over all sample indexes, presenting a more relaxed constraint.
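A crude empirical check of the w.s.s. requirement can be sketched by windowing the sequence and comparing per-window statistics. The function name, window count, and interpretation below are illustrative assumptions, not the paper's test:

```python
import numpy as np

def wss_drift(x, n_windows=8):
    """Crude wide-sense-stationarity check: split x into windows and
    report the peak-to-peak spread of the per-window means and
    variances. Small spreads are consistent with (but do not prove)
    w.s.s.; a large spread indicates a drifting first or second moment."""
    parts = np.array_split(np.asarray(x, dtype=float), n_windows)
    means = np.array([p.mean() for p in parts])
    varis = np.array([p.var() for p in parts])
    return float(np.ptp(means)), float(np.ptp(varis))

rng = np.random.default_rng(2)
mean_drift, var_drift = wss_drift(rng.random(8192))
```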

According to Basu et al. [

where,

normal distribution, we can introduce a user-specified standard deviation error,

The details of the algorithm and how (13) becomes an essential metric will be discussed in Section 4.

In general, there are three phases [

3.1. The digitized noise source/extraction: This phase is composed of a noise source and a digitizer that periodically samples and outputs the digitized analog signal (DAS) random numbers. In this work we exploit the natural sources of randomness of the Intel DRNG available on Ivy Bridge Processors [

3.2. The post-processing phase: This phase transforms the DAS random numbers from the previous phase into internal random numbers by satisfying the given statistical properties of the distribution. In our case, we propose the post-processing phase,

3.3. The buffer phase: This phase is usually optional and represents the final stage. The buffered internal random numbers are output as the external random numbers.
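The exact histogram equalization step of the post-processing can be interpreted as rank-based histogram specification: the input values are replaced, rank by rank, with sorted samples of the desired output distribution, so the output histogram matches the target exactly while the input ordering is preserved. The sketch below is a minimal illustration under that interpretation; the helper name and target choice are assumptions:

```python
import numpy as np

def exact_histogram_equalization(x, target):
    """Replace the values of x, rank by rank, with the sorted values of
    `target`. The output has exactly the histogram of `target` while
    keeping the relative order of x (exact histogram specification)."""
    x = np.asarray(x)
    out = np.empty(len(x))
    out[np.argsort(x, kind="stable")] = np.sort(target)
    return out

rng = np.random.default_rng(3)
raw = rng.normal(size=1000)                   # biased source samples
uniform_target = np.linspace(0.0, 1.0, 1000)  # desired output values
equalized = exact_histogram_equalization(raw, uniform_target)
```

Because only the values are substituted and the ordering is untouched, any serial correlation in the input survives; that is why a stationarity-enforcement step is still needed afterwards.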

In

The stationarity enforcement block uses a genetic algorithm (GA) to permute the output (the s.i. random numbers) of the histogram equalization block. It is within this block that we ensure the random numbers meet w.s.s., by iterating with the GA until the random numbers meet w.s.s. within a user-defined error level, or standard deviation,

In

4.1. Sampling semi-internal random numbers: As previously defined, x exhibits

4.2. Shuffling random numbers with GA: In this stage,

A traditional implementation of a permutation-based GA involves generating the parent population of random numbers, followed by calculating the permutation indexes. For simplicity, the parent populations are sorted so that the crossover operations are consistent among parents. A drawback of this is the need to unsort the random numbers before evaluating them. Sorting, calculating the permutation indexes, and unsorting them can take from

our implementation generates populations of permutation indexes representing the parents. This approach avoids sharing values between parents; instead, it only shares the indexes, transferring the order pattern to the children. This approach involves only M operations.

The idea behind this algorithm is presented in Algorithm 1. The sequence order, or indexes, is considered as a chromosome solution. We also introduce the idea of an external population that migrates part of its genetic content to the pool, avoiding stagnation. Since the parallel implementation takes advantage of the data independence, every thread holds a unique id,

- Selection: This procedure selects the pool of permutation indexes. At this stage, the intention is to sample and select a group of permutation indexes that will later be used in the mating process inside the GA. The selection procedure is illustrated in Algorithm 2. We implement the Fisher-Yates shuffle algorithm due to its uniformity in picking a random permutation and its generation speed [
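The Fisher-Yates shuffle used by the selection procedure can be sketched as follows (a generic textbook version, not Algorithm 2 itself):

```python
import random

def fisher_yates(n, rnd=None):
    """Fisher-Yates shuffle: returns a uniformly random permutation of
    0..n-1 in O(n), with every one of the n! orderings equally likely."""
    rnd = rnd or random.Random()
    idx = list(range(n))
    for i in range(n - 1, 0, -1):
        j = rnd.randrange(i + 1)  # pick from the not-yet-fixed prefix
        idx[i], idx[j] = idx[j], idx[i]
    return idx

perm = fisher_yates(10, random.Random(42))
```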

- Evaluation: This process evaluates a pool of permutation indexes by calculating the standard deviation of the power spectral density from Equation (3), as detailed in Algorithm 3.
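One way to sketch such a fitness evaluation (function name and normalization are assumptions; Algorithm 3 may differ in detail) is to score a candidate permutation by the spread of the periodogram of the permuted sequence, where a flatter spectrum, i.e. a smaller standard deviation, is fitter:

```python
import numpy as np

def fitness(x, perm):
    """Fitness of one permutation chromosome: the standard deviation of
    the power spectral density of the permuted sequence. A whiter
    (flatter) spectrum gives a smaller value, i.e. a better fit."""
    y = np.asarray(x, dtype=float)[perm]
    y = y - y.mean()
    spec = np.abs(np.fft.rfft(y)) ** 2 / len(y)
    return float(spec.std())

rng = np.random.default_rng(4)
samples = np.sort(rng.random(1024))        # deliberately ordered input
better = fitness(samples, rng.permutation(1024))
worse = fitness(samples, np.arange(1024))  # identity keeps the ramp
```

On the sorted input, the identity permutation concentrates energy at low frequencies and scores poorly, while a random permutation whitens the spectrum and scores well, which is exactly the gradient the GA exploits.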

- Cross Over: This process performs the crossover operation. The Order 1 crossover is a simple permutation-based crossover that connects one group of indexes from one parent with the remaining indexes of the other parent. The process is shown in detail in Algorithm 4.
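A common realization of the Order 1 crossover on permutation chromosomes is sketched below (one textbook variant, not necessarily identical to Algorithm 4): a random slice of the first parent is kept in place, and the remaining positions are filled with the missing indexes in the order they occur in the second parent:

```python
import random

def order1_crossover(p1, p2, rnd=None):
    """Order 1 crossover for permutations: a slice of parent 1 is kept
    in place; the remaining positions are filled with the indexes not
    in the slice, in the order they occur in parent 2. The child is
    always a valid permutation."""
    rnd = rnd or random.Random()
    n = len(p1)
    a, b = sorted(rnd.sample(range(n), 2))
    child = [None] * n
    child[a:b + 1] = p1[a:b + 1]
    kept = set(p1[a:b + 1])
    fillers = (g for g in p2 if g not in kept)
    for i in range(n):
        if child[i] is None:
            child[i] = next(fillers)
    return child

child = order1_crossover(list(range(8)), [7, 6, 5, 4, 3, 2, 1, 0],
                         random.Random(7))
```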

- Mutation: This process performs the mutation operation. The exchange mutation, as in Algorithm 5, is a simple technique that, 5% of the time, randomly selects two indexes and swaps their positions.
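The exchange mutation can be sketched as follows (a generic version using the 5% rate stated above; the helper name is an assumption):

```python
import random

def exchange_mutation(perm, rate=0.05, rnd=None):
    """Exchange mutation: with probability `rate` (5% here), pick two
    positions uniformly at random and swap them; otherwise return the
    chromosome unchanged. The result is always a valid permutation."""
    rnd = rnd or random.Random()
    perm = list(perm)
    if rnd.random() < rate:
        i, j = rnd.sample(range(len(perm)), 2)
        perm[i], perm[j] = perm[j], perm[i]
    return perm
```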

- Replacement: This process is dedicated to applying elitism by selecting the best sets of indexes based on their fitness values [

- Termination condition: The GA exits when the fitness is

end of its iteration, as shown in Algorithm 1 at line 6; then the algorithm returns the best sequence of random numbers found,

4.3-4.5. Handling the output buffer: In

In this section, we introduce a group of tests to show two aspects: first, the characteristics of the random number generation aided by the GA post-processing; and second, the strengths and weaknesses of the algorithm against the SmallCrush battery test [

5.1. Characteristics of a GA post-processing stage: In this evaluation, we follow the segment m of random numbers, analyzing step by step the change in

Having

For the GA parameters, the mutation ratio was set to 0.05, or 5%, and elitism was applied at the replacement stage to all individuals, letting only the best-fitted individuals survive; at the next generation, these are considered the parent pool.

5.2. SmallCrush: This evaluation is intended to highlight the weaknesses and strengths of the post-processing. It evaluates a vast group of configurations, as shown in

- The Birthday Spacing Test. The birthday spacing test checks the separation between numbers by mapping them to points in a cube. It checks that the number of collisions between the spacings follows a Poisson distribution.

- The Collision Test. This test checks for n-dimensional uniformity, by checking the number of collisions per subdivision of the interval

- The Gap Test. This test checks for the number of times that random number within

- The Simplified Poker Test. This test checks for the number of different integers that are generated; it applies chi-square testing between the observed and expected number of observations.

- The Coupon Collector Test. This test checks a group of random integers for integers without collision (unique numbers); it applies chi-square testing between the observed and expected numbers of observations among the group of random numbers.

- The Maximum-of-t Test. This test checks for the number of times that the maximum random number within

- The Weight Distribution Test. This test takes a group of uniform distributions, computes a binomial distribution from them, and compares it via chi-square against the expected distribution.

- The Rank of a Random Binary Matrix Test. This test generates a binary matrix from uniform random numbers and then calculates the rank of the matrix, or the number of linearly independent rows. The resulting probability distribution is then compared to a known distribution via chi-square.

- The Independence Test between Hamming Weights of Successive Blocks. This involves two tests that check for independence among Hamming weights. The first test considers only the most significant bits of the random numbers in a block and their corresponding Hamming weight; the Hamming weights are then arranged in successive pairs, the occurrences of each possible pair are counted, and the counts are compared against expected values via a chi-square test. The second test maps the counts from the first test onto a 2-dimensional plane, segmented into 4 blocks whose values are related to an expected value; the observed quantities are then compared to the expected values via a chi-square test.

- The Random Walk Test. This test performs a random walk over the integers, with equal probability of moving right or left at each step. A group of statistics, together with the distribution of the position at the end of the walk, is compared against theoretical values via a chi-square test.

Number of Processors | Segment Sizes
---|---
2 | 64, 16384, 17408, 32768, 49152, 65536, 1048576
4 | 64, 16384, 17408, 32768, 49152, 65536, 1048576
8 | 64, 16384, 17408, 32768, 49152, 65536, 1048576

In this section, we present the results according to the evaluation methodology presented in Section 5.

1. Results from the Characteristics of a GA post-processing stage:

As observed on

In

In

generation with

The algorithm converges until generation

The improvement in the power spectral density is reflected in the autocorrelation as a closer appearance of an impulse shape,

As we have reviewed, the underlying idea of Algorithm 1 is to benefit from the interactions of the pools of parents, children, and externals. To review these interactions in more detail, we look at the effects of those distributions in the following two examples.

It is well known that one of the major drawbacks of elitism is the reduction of genetic content over the population, which perpetuates the stagnation of the fitness function. At the same time, elitism is characterized by a smooth fitness function. So, in order to compensate for the lack of genetic content, the external pool is introduced. In

Contrary to the example in

lack of an external pool. Here, the fitness function tends to stagnate for longer periods, and it is also noted that the children will not impact

Balancing the two factors is beyond the scope of this paper, but a good insight into which variables contribute to modifying the fitness curve is given by the pool size and the children-to-external-pool ratio.

2. Results from SmallCrush Test

In order to make the review of the results easier, given that there are 10 SmallCrush evaluations with 3 different configurations of the number of processors and 7 different segment sizes, we present a color-coded map highlighting the p-value in Figures 13-15. In a SmallCrush test, the test is passed only if all 10 evaluations have a p-value within the range of

The first configuration uses 2 processors, where the color-coded results at different segment sizes are presented in

The second configuration is using 4 processors and the results are presented in

The third configuration uses 8 processors; the results are shown in

Recapitulating the overall SmallCrush tests, the segment size plays a key role in the quality of the test results. Moreover, only Maximum-of-t and Random Walks fail across different segment sizes and configurations with different numbers of processors. The Maximum-of-t test focuses on extracting the maximum of a sample set of random values, where the maximums follow an exponential distribution. Therefore, failing Maximum-of-t is due to inherent statistical properties of nearly i.i.d. uniform distributions. This improves at certain segment sizes because the segment size aligns with the sample set size of the Maximum-of-t test. The Random Walks test relies on properties of Markov chains, where the probability of the current position depends on the previous one. This means that failing Random Walks is due to a lack of consistency among contiguous segments. This evaluation passes when the segment size fits the sampling size used over the random walk, so that this connecting property is satisfied.

So far, a segment size of 17,408 random numbers is one sub-optimal solution for centering the evaluations; it is almost independent of the number of processors. This condition seems to remain constant as the number of processors is increased, since passing the test is connected to the consistency of

The use of a post-processing stage for TRNGs using a GA intended for seed generation proves to satisfy the specified quality level within a desirable number of generations. We have presented the theoretical foundations that guarantee the algorithm's convergence to a nearby point of

Jose J. Mijares Chan, Parimala Thulasiraman, Gabriel Thomas, Ruppa Thulasiram (2016) Ensuring Quality of Random Numbers from TRNG: Design and Evaluation of Post-Processing Using Genetic Algorithm. Journal of Computer and Communications, 4, 73-92. doi: 10.4236/jcc.2016.44007