Abstract
In last years, low-dimensional and high-dimensional chaotic systems have been implemented in cryptography. The efficiency and performance of these nonlinear systems play an important role in limited hardware implementations. In this context, low-dimensional chaotic systems are more attractive than high-dimensional chaotic systems to produce the pseudorandom key stream used for encryption purposes. Although low-dimensional chaotic maps present some security disadvantages when they are used in cryptography, they are highly attractive due its simple structure, discrete nature, less arithmetic operations, high output processing, and relatively easy to implement in a digital system. In this paper, we proposed both a pseudorandomly enhanced logistic map (PELM) and its application in a novel pseudorandom number generator (PRNG) algorithm, which produces pseudorandom stream with excellent statistical properties. The proposed PELM is compared with logistic map by using histograms and Lyapunov exponents to show its higher benefits in pseudorandom number generator. In contrast to recent schemes in the literature, we present a comprehensive security analysis over the proposed pseudorandom number generator based on pseudorandomly enhanced logistic map (PRNG–PELM) from a cryptographic point of view to show its potential use in secure communications. In addition, the randomness of the PRNG–PELM is verified with the most complete random test suit of National Institute of Standards and Technology (NIST 800-22) and with TestU01. Based on security results, few arithmetic operations required, and high output rate, the proposed PRNG–PELM scheme can be implemented in secure encryption applications, even in embedded systems with limited hardware resources.
Similar content being viewed by others
1 Introduction
In the last decade, chaotic cryptography has received much attention and interest from researches because they present several interesting properties such as extreme sensibility to initial conditions and control parameters, ergodicity, mixing data, pseudorandom behavior, and determinism. According to Shannon [1], all these properties are strongly related to cryptography properties to design encryption algorithms with complexity in the source system and with excellent confusion and diffusion processes, where the position and the value of plain text are modified, respectively [2]. In an encryption algorithm, the chaotic system is used to produce pseudorandom sequences to encrypt the plain message by using some technique. For example, chaotic systems have been employed for image encryption at MATLAB simulation level [3–12], and recently they have been implemented in embedded encryption systems such as in microcontrollers and field-programmable gate arrays (FPGA) [13–20]. Therefore, the pseudorandom sequences produced by the chaotic system are very important to achieve a high level of security in cryptosystems based on chaos.
The logistic map has been widely used in several cryptosystems based on chaos [3–6]. Nevertheless, the one-dimensional logistic map has some disadvantages when it is used in cryptography such as chaotic discontinuous ranges, not uniform distribution, small space key, and periodicity in chaotic ranges [21]. On the other hand, the one-dimensional chaotic systems have powerful advantages such as simple structure, easy to implement in digital systems, minor memory consumption and physical resources, and high-speed processing [22]. Therefore, it is necessary to improve the pseudorandom properties generated from the logistic map to achieve better security in a cryptosystem.
On the other hand, random numbers generator (RNG) can be classified basically into two types: true random number generator (TRNG) by using physical process (non-deterministic) and pseudorandom number generator (PRNG) by using mathematical algorithms (deterministic).
TRNG uses non-deterministic physical nature processes such as quantum random processes, thermal noise, photon noise, free-running oscillators, frequency jitter in oscillator, and chaotic laser [23–25]. They could be sampled by digitization, and post-processing techniques can be implemented to improve the randomness. TRNGs should be un-predictable, un-reproducible, and statistically unbiased [26].
Thermal and photon noise are traditional TRNG with outputs up to Mbit/s. Nevertheless, chaotic lasers have received much attention in last years due to the high bandwidth and the extreme sensitivity to initial conditions with up to hundreds of Gbit/s. In 2008, Uchida et al. proposed for the first time a TRNG based on two unrelated ultra-wide bandwidth chaotic lasers. The laser is converted to electrical signal by photon detectors, amplified, and digitized to produce sequences of random bits up to 1.7 Gbit/s [27]. Huang et al. [28] proposed a TRNG based on super-luminescent diode as the physical entropy source with 3 Gbit/s. In the same year, Wang et al. presented new scheme of all-optical TRNG based on the nonlinear effects in highly nonlinear fibers with speed up to 10 Gbit/s [29]. Argyris [30, 31] proposed truly random bit streams with bit rates as high as 560 Gbit/s based on optical amplified spontaneous emission sources and 140 Gbit/s based on chaotic-photonic integrated circuit, respectively. All these references pass the National Institute of Standards and Technology (NIST) 800-22 statistical tests for random and pseudorandom numbers [32].
In recent years, TRNGs based on FPGA implementation have received attention of researches. In 2016, Koyuncu and Özcerit presented a Xilinx Virtex-6 FPGA implementation of the Sundarapandian–Pehlivan chaotic system for TRNG with speed of 58.76 Mbit/s. The random sequence produced by TRNG was verified by FIPS 140-1 and NIST 800-22 statistical standards [33]. In 2015, Avaroğlu et al. presented a novel chaos-based post-processing for TRNG based on electrical noise by using ring oscillator (RO) as entropy source and the logistic map in the post-processing stage for high-quality random numbers. They implemented the proposed scheme on Altera FPGA board, and it was tested successfully with NIST 800-22 test suit and TESTU01 [34]. In the same year, Avaroğlu et al. proposed a new hybrid PRNG with an additional input based on chaotic TRNG to meet all the security requirements, i.e., to eliminate the shortcomings of the raw PRNGs such as being predicted and regenerated. This novel hybrid scheme avoids to calculate the following random numbers if the internal state value is known or if it is possible to predict the internal state value even when it is not known. In addition, the scheme is implemented on Virtex-6 FPGA chip, meets the NIST 800-22 test suite, FIPS statistical test, and can be used in cryptographic applications [35]. In 2014, Avaroğlu et al. proposed a new method for hybrid PRNG (based on chaotic Chua system) by adding an additional input to the PRNG with a TRNG system having 5 ROs (performed on FPGA). The scheme passed the NIST 800-22 test suite successfully, and it was showed that hybrid system can be used in cryptographic systems [36]. Tuncer et al. [37] presented a TRNG based on RO and its implementation on FPGA for 3 different scenarios, i.e., jitter, which is obtained from RO on FPGA, and it was used as noise source; sampling of jitter was done by usage of non-periodic signals; and sinusoidal iterator with chaotic behavior, which was employed to get the non-periodic signal. Statistical tests of generated numbers were successful according to NIST 800-22 test suit.
Furthermore, PRNG uses deterministic digital process by an digital algorithm. These RNGs are called pseudorandom number generator (PRNG), which is based on an algorithm to produce a pseudorandom determinism sequence from an initial value called seed in a mathematical process. The PRNG should achieve excellent statistical properties, fast execution time, repeatability, reproducibility, and its security must be based on the difficulty to solve the related mathematical problem.
In digital stream encryption schemes, the PRNG is one of the principal components since most of the cryptographic security depends on it. In last years, PRNG has been proposed based on low-dimensional chaotic maps, see, e.g., [38–49]. In addition, high-dimensional chaotic maps have been proposed for PRNG in [50, 51], but more computational power, time processing, and resources of implementation are required in these schemes.
In 2015 [38], the authors proposed a PRNG based on piecewise logistic map (PLM), which is an enhanced version of logistic map. The authors presented a security and efficiency analysis based on 15 test of NIST suite to show the performance requirements of a PRNG. Nevertheless, the scheme needs 18 arithmetic operations to achieve a 8-bit number. In the same year in [39], the authors presented a cryptographically secure pseudorandom number generator (CSPRNG) based on multimodal discrete systems called k-modal maps (based on logistic map) and the combination of its k-time series by XOR operation. These multimodal maps yield a pseudorandom sequences with longer period to avoid the problem of periodicity presented in logistic map. The CSPRNG is evaluated with NIST and satisfactory results were found, where maps with \(k \ge 2\) lie inside the confidence interval and are cryptographically secure according to the test suite. Nevertheless, neither speed nor correlation analysis was shown over the CSPRNG sequence. Stoyanov and Kordov [40] proposed a PRNG based on two Tinkerbell maps. Some security tests were presented such as key space, key sensitivity, speed, and correlation. Although the statistical test was successful, the Tinkerbell map is a two-dimensional system, and if the PRNG algorithm uses two maps, there are 26 arithmetic operations in each iteration, which could give a low-speed processing in limited hardware digital systems.
In 2014 [41], the authors proposed a novel pseudorandom number generator based on the quantum chaotic map. They present some successful statistical tests such as NIST, DIEHARD, ENT, and TestU01. Nevertheless, the chaotic map is governed by three difference equations with too many arithmetic operation and it requires high computational power, which produces low speed in the PRNG generation such as in [40]. François et al. [42] presented a PRNG algorithm based on mixing three chaotic maps produced from an input initial vector. The authors present a statistical and security analysis such as NIST (fifteen tests developed to quantify and to assess the randomness of binary sequences), correlation, key sensitivity (or seed sensitivity), and differential attack. Based on [42], François et al. in [43] proposed a new PRNG algorithm by combining three chaotic logistic maps by using binary-64 floating-point arithmetic and XOR operation, which produces a block of 32 random bits at each iteration to increase the throughput of the generator. Some statistical tests are achieved such as correlation and NIST test.
In 2010, Pereek et al. [44] proposed a cross-coupled chaotic random bit generator (CCCBG), where random bit streams are generated by comparing two orbits produced by cross-coupled piecewise linear chaotic maps (which is composed of two skew tent maps). Some statistical tests such as frequency test, poker test, serial test, autocorrelation, and NIST test were achieved successfully. In 2009, Patidar et al. [45] and Patidar and Sud [46] proposed a novel pseudorandom bit generator (PRBG) based on two chaotic logistic maps and two chaotic standard maps, respectively. The chaotic maps are running side-by-side and starting from random independent initial conditions. Their schemes were studied for the NIST and DIEHARD tests suite, which are considered the most stringent statistical tests suites for randomness.
In all above references related to both PRNGs and TRNGs, almost all authors conclude that the proposed scheme could be used to design new secure cryptosystems. In all references, the randomness was successfully tested with several standards, i.e., such as NIST 800-22, FIPS 140-2, TESTU1, and others. Nevertheless, several security analyses were omitted from a cryptographic point of view.
In a comparative analysis between TRNG and PRNG, TRNGs extract the randomness from a physical process that behave in a fundamentally non-deterministic way, and they can produce high output rate up to hundreds of Gbit/s. Therefore, TRNG is a better candidate for genuine random number generation. Nevertheless, TRNG could not present the same random properties in a mass production as the prototype, since external fluctuations can modify the main function of the physical process. In addition, thy are at high cost. PRNGs use a digital algorithm, and the initial seed could be re-used to produce the same pseudorandom sequence. This can cause serious problems for applications in security since once the attacker knows the seed and the algorithm, it is possible to obtain the entire key information easily. Nevertheless, PRNGs are flexible, practical, and at low cost since they can be implemented in any programming electronic device with few resources. Therefore, they are highly attractive, but PRNG’s algorithms must be designed and examined carefully to resist known cryptographic attacks in the literature.
In this paper, we proposed a novel PRNG algorithm based on just one logistic map pseudorandomly enhanced for a secure and fast encryption scheme. We enhance the pseudorandom properties of logistic map by add just one multiplication and applying arithmetic modular (mod 1). We present a comparison of the proposed pseudorandomly enhanced logistic map (PELM) with classic logistic map at histograms and Lyapunov exponents level to show its higher benefits in PRNGs. In contrast to similar PRNG’s schemes in the literature, we present a comprehensive security analysis from a cryptographic point of view to validate the proposed PRNG in cryptographic application, and we present a PRNG algorithm based on chaos with less arithmetic operation until this time. In addition, the PRNG sequence is verified with TestU01 and with NIST 800-22 test suit, where 15,000 secret keys selected randomly and several sequences until 1 million-bits were implemented at MATLAB simulation to demonstrate robustness of the proposed pseudorandom number generator based on pseudorandomly enhanced logistic map (PRNG–PELM).
This paper is organized as follows: In Sect. 2, the classic logistic map and the proposed PELM are compared at statistical level. The details of the proposed PRNG–PELM algorithm are described in Sect. 3. In Sect. 4, we present the security analysis. The statistical analysis with NIST and TestU01 is presented in Sect. 5. In Sect. 6, a comparison and robustness analysis of the proposed scheme are provided. Finally, this paper is concluded in Sect. 7.
2 The logistic map
The logistic map is a very simple one-dimensional map widely used in growth of biological populations, complex behavior, PRNG, and cryptography [52, 53]. In order to generate the pseudorandom sequences for the PRNG–PELM, the one-dimensional logistic map is used as chaotic source map, which is described mathematically as follows
where \(x_{i}\in (0,1)\) is the discrete state, with initial condition \(x_{0}\in (0,1)\), control parameter \(a\in (3.999,4)\) to guarantee the chaotic sequences, \(i=0,1,2, \ldots ,I\) is the number of iterations, and 64-bits (type double) floating-point arithmetic representation is used to get \(10^{-15}\) decimals and avoid short period cycle and digital degradation.
The chaotic orbit of logistic map is verified with Lyapunov exponent, which is a quantitative measure of orbital divergence and chaos. A positive exponent indicates orbital divergence and chaos. Since the logistic map is one-dimensional system, it has just one Lyapunov exponent. Therefore, it must be positive to show the high dependence at initial condition (one property of chaos) [54, 55]. In this sense, two chaotic orbits of logistic map with the same control parameter but with close initial conditions are produced, and the next is calculated
where \(\lambda \) is the Lyapunov exponent, \(x_{0}\) is the initial condition, \(x'_{0}=x_{0}+\delta _{0}\) is another very close initial condition, and I is the iterations. The value used for initial condition is \(x_{0}=0.345678987654321\), a disturbance of \(\delta _{0}=5 \times 10^{-6}\), and iteration \(I=\) 10,000. In Fig. 1, the Lyapunov exponent by using increments of \(5\times 10^{-4}\) in the range of \(a\in (3.999,4)\) is presented, where the values for \(\lambda \) are close to 0.69. In Fig. 2a, the histogram of 10,000 values of direct logistic map is showed, and it is clear the bad distribution of chaotic data, where high frequencies are close to 0 and 1.
In this paper, we enhance the properties of the chaotic logistic map to produce better pseudorandom sequences by just include one multiplication in each iteration and applying mod 1. This idea has been implemented in our recently work successfully for image encryption and biometric fingerprint encryption in [6, 16]. In contrast to our previous works, in this paper we add the Lyapunov exponent to validate the proposed PELM.
The proposed PELM has the following expression
where mod is the operation of module 1. The Lyapunov exponent is calculated according to Eq. (3) in a similar form that above, and we found greater value in \(\lambda \) close to 10.7 (Fig. 1). This is a prove of higher and faster divergence between the two tested chaotic orbits than direct logistic map. Additionally, 10,000 values of the proposed pseudorandomly enhanced logistic map are presented in Fig. 2b with a uniform distribution. Therefore, the statistical characteristics of the logistic map are enhanced pseudorandomly.
3 Proposed PRNG–PELM algorithm
In the proposed PRNG–PELM, we use the chaotic sequence produced by Eq. (3) to increase the security, whereas we keep the high speed of one-dimensional logistic map. Since low key space is a problem in one-dimensional chaotic maps, we implement an indirect form to calculate the initial condition \(x_{0}\) and the control parameter a by using 32 hexadecimal digits (128-bits) \(K\in [0-9,A-F]\) based on our previous work [6]. The secret key is divided in four sections to generate the initial condition and control parameter of the logistic map (Table 1). Since we consider the control parameter between \(a\in (3.999,4)\), all keys or seeds are strong. On the other hand, weak keys (periodic orbits) are avoided. In addition, floating-point arithmetic (64-bits) is used in logistic map to avoid short periodicity and digital degradation.
The steps of the proposed PRNG–PELM algorithm are described as follows:
-
1.
Select the seed, which we call secret key 32 hexadecimal digits are selected manually or randomly, and the initial condition and control parameter of logistic map are determined according to Table 1.
-
2.
Iterate the PRNG–PELM The pseudorandomly enhanced logistic map is iterated I times by using Eq. (3) to produce the chaotic sequence. Each value is between 0 and 1 with \(10^{-15}\) decimals.
-
3.
Transform from decimal to integer Each value of the chaotic sequence \(X\in (0,1)\) is transformed to a 8-bit integer by using the following expression
$$\begin{aligned} \hbox {PRNG}{-}\hbox {PELM}_{i} = \hbox {round}(X_{i} \times 255) \end{aligned}$$(4)where \(i=0,1,2, \ldots ,I\), round is the round to nearest operation, and PRNG–PELM\(\in (0,255)\) is the pseudorandom sequence.
Currently, PRNG algorithms have been used in cryptography. Therefore, it is very important determine the security, efficiency, and pseudorandom statistics. In the next section, we present several security and randomness analysis based on MATLAB simulation.
4 Security analysis
In this section, we present several analyses such as key space, key sensibility, floating frequency, histograms, autocorrelation, information entropy, correlation, and performance to verify the high security of the proposed PRNG–PELM for cryptographic applications. The security analysis is implemented in MATLAB v7.6(R2008a) software platform in a laptop with AMD Turion 2.0 GHz CPU, 3.18 GB RAM, and Windows XP 32-bit OS.
4.1 Key space analysis
The secret key or seed of a PRNG must have more than \(2^{100}\) possible secret key according to [2] to resit an exhaustive attack, where each possible key is tried over the PRNG algorithm to find a specific PRNG sequence. In the proposed scheme, there are \(2^{128}\) possible keys. In addition, all of them are considered strong.
4.2 Key sensitivity analysis
A PRNG algorithm must be highly sensitive at small changes in secret key, even at bit level [2]. In this subsection, we verify the high sensitivity at secret key of the proposed PRNG–PELM algorithm by using four similar keys, which are different in just one bit between them (Table 2). In Fig. 3, we present the pseudorandom trajectory (the first 15 elements) generated by the proposed PRNG–PELM by using the four keys. After the four iterations (element), the dynamics are totally different between them. Therefore, the propose PRNG–PELM algorithm is highly sensitive at bit level in secrete key or seed.
Recently, NPCR (Net Pixel Change Rate) and UACI (Unified Average Changing Intensity) have been used in image encryption based on chaos for differential analysis. Basically, they are used to measure the differences between two sequences \(S_{1}\) and \(S_{2}\). NPCR measures how many elements are different between them in percentage, where 100 % means they are totally different. It is calculated with the following expression
where
The UACI measures how many magnitude in average is different \(S_{1}\) from \(S_{2}\), where 100 % means they are totally different in magnitude. It is determined by the next expression
In this analysis, first, a PRNG–PELM sequence is determined by using “1234567 890ABCDEF1234567890ABCDEF” as seed and \(S_{1}\) is generated. Then, another 100 PRNG–PELM sequences are calculated from 100 seeds (with just 1-bit different with the key above) to generate \(S_{2}\). Finally, in Fig. 4, the result of 100 analysis of NPCR and UACI between \(S_{1}\) and \(S_{2}\) is shown. In average, the NPCR is 99.5774 % and UACI is 33.3014 %. Since there are almost all the elements different between \(S_{1}\) and \(S_{2}\), with a magnitude of 33 % in average, the proposed PRNG–PELM is highly sensitivity at secret key or seed.
4.3 Floating frequency analysis
This analysis is to determine whether a PRNG–PELM sequence presents weak sections or, on the other hand, it presents strong pseudorandom properties. The floating frequency must be uniform, and it should have all the 256 symbols in a window a 256 elements, ideally. First, a window of the first 256 elements is selected, and we count how many elements are different in that window. Then, the window is shifted to the right just one position, and the floating frequency is calculated again. The shift is performed until the last element. Figure 5 shows the floating frequency of four PRNG–PELM sequences of 2000 elements (8-bit each) by using four keys selected randomly. The results are uniform with 161, 165, 163, and 160 different elements in average, respectively. Therefore, the proposed PRNG–PELM algorithm does not produce weak sections. In fact, it produces strong pseudorandom properties uniformly.
4.4 Histogram
A histogram shows the frequency of each element in a graphical form, i.e., how much times each symbol appears in a sequence. Then, a good PRNG should present a uniform histogram with any secret key or seed. In Fig. 6, the histogram of four PRNG–PELM with 2000 8-bits numbers by using four key selected randomly is shown. Based on the graphics, the proposed algorithm can generate a uniform output.
4.5 Autocorrelation analysis
In signal processing, the autocorrelation is defined as the correlation of a signal with itself shifted k positions, and it determines whether a signal has repetitive patterns, periodicity, or dependence. In this contest, we verify whether the proposed PRNG–PELM algorithm generates pseudorandom numbers, periodicity, dependence or repetitive patters. It is calculated with the following expression
where AC \(\in [-1,1]\) is the autocorrelation of the PRNG shifted k position, A is the number of matches between the original and the shifted sequence, D is the number of mismatches between original and the shifted sequence, and T is the length of the sequence. Values close to 1 means that many bits are identical. Values close to \(-1\) means that many bits are opposed. Values of 0 means there are the same number of identical and opposed bits.
In this analysis, we calculate the autocorrelation at bit level. We use a PRNG–PELM sequence of 2000 integers. Therefore, we use a sequence of 16,000 bits. Its autocorrelation is achieved until \(k=500\) to the right by using circular shift. In Fig. 7, the results of AC in four PRNG–PELM sequences generated from four keys selected randomly are presented. Since the AC is very close to 0, the PRNG–PELM produces uniform pseudorandom numbers without repetitive patterns or periodicity.
4.6 Degree of non-periodicity
In this section, the degree of non-periodicity of the proposed PRNG–PELM is presented by using the scale index, which is based on the continuous wavelet transform and the wavelet multi-resolution analysis [56]. This method have been used to determine the periodicity of chaotic maps such as logistic map, Henon map, and the forced Bonhoeffer–van der Pol oscillator in [56], quantum map in [41], bit series of TRNG in [34], and quantum Hash function in [57]. The scale index is defined as a measure of the degree of non-periodicity of tested signal, where \(i_\mathrm{scale}\in [0,1]\): \(i_\mathrm{scale}=0\) or \(i_\mathrm{scale}\approx 0\) for periodic signals and \(i_\mathrm{scale}\approx 1\) for non-periodic signals. For more details, see [56].
In this test, 100 PRNG–PELM sequences with 1000 elements are calculated from 100 secret keys selected randomly. These sequences are used to calculate the scale index. Figure 8 shows the scale index results of the 100 tests. Since the scale index is near to 1, the proposed scheme produces non-periodic sequences. These results are contrasted with autocorrelation analysis.
4.7 Information entropy analysis
A PRNG algorithm must generate unpredictable numbers with high disorder but with determinism. Then, these characteristics are tested with information entropy analysis to determine how much information it has in the sequence. High values of entropy mean a robust pseudorandom generator, whereas low values of entropy mean weak pseudorandom generator with certain degree of predictability. The entropy H(m) of a sequence m can be calculated as follows
where N is the number of bits of each element of the sequence m, \(2^{N}\) is all possible symbols in the sequence, \(p(m_{i})\) represents a probability of the element \(m_{i}\) in the sequence, and the entropy is expressed in bits. If there is a sequence m with \(2^{N}\) possible elements, the entropy should be \(H(m)=N\) ideally. In the proposed PRNG–PELM, the maximum entropy is 8. Figure 9 shows the result of entropy calculated from 50 pseudorandom sequences by using 50 keys selected randomly. The average entropy of 50 test is 7.9945. Therefore, it is another evidence of the high pseudorandom properties of the proposed PRNG–PELM.
4.8 Correlation analysis
The correlation coefficient measures the statistical relation between two pseudorandom sequences. In contrast to autocorrelation analysis, in this test two pseudorandom sequences with the same length are compared each other. The correlation coefficient of two sequences can be measured as follows
where x and y are values of two sequences, and N is the number of elements in one sequence. The value of correlation is \(Cr\in (-1,1)\), where basically 0 means null correlation and 1 means high correlation. In Fig. 10, the correlation between a pseudorandom sequence generated by the key “1234567890ABCDEF1234567890AB CDEF” and 500 pseudorandom sequences generated by 500 keys selected randomly is presented. The correlation average is \(-0.0021\). The uniform results of the 500 test close to 0 verified that there is not a correlation between pseudorandom sequences generated by the proposed PRNG–PELM.
4.9 Performance analysis
Since most of the PRNGs are implemented in real-time applications, and in some cases in embedded systems with limited hardware, it is highly important to consider the efficiency and speed of a PRNG algorithm. In the proposed PRNG–PELM algorithm, we use just one logistic map with better pseudorandom characteristics. Table 3 shows the speed in Mbits/s, based on MATLAB simulation and the hardware described in Sect. 4. In addition, we present a comparison with recent schemes in the literature, where a similar simulation hardware was used.
On the other hand, the number of arithmetic operation required in the PRNG is another form to measure the performance, since the hardware (personal computer or laptop) used for speed analysis is relative. In Table 4, the required arithmetic resources are presented, and we compare them with recent PRNGs reported in the literature in a similar form as Ref. [38]. We compute the number of operations used in the PRNG–PELM after know the initial condition and control parameter of logistic map, since the compared schemes use direct initial condition and control parameter for the chaotic system.
On the other hand, the literature of TRNG presents high bit rate until 560 Gbit/s. Nevertheless, the proposed PRNGs are at low cost, easy to implement in any programmable electronic device (even with limited hardware resources), high bit output for some interesting application such as text, biometrics, electronic payment, military, among others. All these properties make the proposed scheme interesting for digital cryptography by using embedded systems. FPGA presents several advantages in digital processing systems due to the parallel programming and high operation frequency. Thus, the proposed PRNG algorithm can be programmed by using very high descriptive language (VHDL) to optimize the resources and determine the output rate. In contrast to TRNG implemented in FPGA, post-processing techniques are required to increase the output rate until 58.76 and 20 Mbit/s in [33, 34], respectively.
4.10 Security characteristics
The features of the proposed PRNG–PELM algorithm to reduce negative aspects of the one-dimensional chaotic map and to provide robustness are:
-
Initialization of chaotic sequences initial condition and control parameter of two logistics maps are determined indirectly from a 128-bit secret key considering just chaotic range. With this process, the small space key and chaotic discontinuous ranges are eliminated.
-
Enhancing the pseudorandom sequences pseudorandom data of logistic map are modified by two arithmetic operations to produce better distribution.
-
Performance and efficiency One-dimensional logistic map is used to produce high-speed PRNG, with low memory and arithmetic operation requirements.
-
Robustness Comprehensive security analysis presented in Sec. 4 validates the proposed PRNG for secure cryptography applications. In addition, 15 statistical tests based on NIST were implemented successfully.
-
Digital degradation a \(10^{-15}\) precision was used to avoid digital degradation and short periodicity of chaotic data.
5 Randomness analysis
In cryptosystems based on chaos, the PRNG is used as the principal security component. Therefore, it is highly important to verify its efficiency in pseudorandom statistical terms. There are several suits to test the randomness of pseudorandom number generators such as NIST, DIEHARD, Gustafson, Beker and Piper, Crypt-XS suite, and Donald Knuth [39, 45]. The above test suit presents several tests that are related to between them. In this sense, not all the statistical suits need to be implemented. Nevertheless, the NIST is the most complete test suite to achieve this goal.
NIST test suite is a statistical package consisting of 15 tests that were developed to test the randomness of (arbitrarily long) binary sequences produced by either hardware- or software-based cryptographic random or pseudorandom number generators. Hence, we use the 15 tests of the NIST to verify the pseudorandom capabilities of the proposed PRNG–PELM. For a high-level description and technical details of these particular tests, see [32].
5.1 NIST 800-22 test results
Several pseudorandom sequences of the proposed PRNG–PELM are verified by using the 15 tests of NIST 800-22. In each test, a probability value of P value is computed from a binary sequence of length n. A P value equal to 1 means perfect randomness, and a P value equal to 0 means null randomness. The P value must be greater than a predefined threshold \(\alpha \) to pass the test. If all the tests pass, then the sequence would be considered random with a confidence of \(1- \alpha \). Otherwise, the tested sequence is not considered random.
In the numerical results, we use \(\alpha = 0.01\), according to recent similar schemes [38, 39, 45]. A \(\alpha \) of 0.01 indicates that one would expect 1 sequence in 100 sequences to be rejected. A \(P \hbox {value}\ge 0.01\) would mean that the sequence would be considered to be random with a confidence of 99 %. A \(P \hbox {value} < 0.01\) would mean that the conclusion was that the sequence is non-random with a confidence of 99 %.
The range of acceptable proportions is determined by using the next expression
where \(\hat{p}=1-\alpha \) and m is the sample size. In this analysis, \(\alpha =0.01\) and 1000 different sequences are used with several lengths of bits by using the proposed PRNG–PELM, i.e., \(m=1000\). Then, the acceptable interval is between [0.98056, 0.99943]. If the proportion falls outside of this interval, there is an evidence that the data are non-random. In addition, we used 1000 secret keys selected randomly in each test, which verifies the high security of the secret key handling in the proposed scheme. In Table 5, the results of all 15 tests are shown. One can see that all the tests are over the acceptable interval. Therefore, the proposed PRNG–PELM generates pseudorandom sequences validated with the most stringent FIPS test suite.
In all the NIST tests in Table 5, several sequences have weak random properties or they are considered as non-random by NIST, i.e., a P value smaller than 0.01. Nevertheless, the confidence of the proposed PRNG–PELM to produce a random sequence validated with NIST test suite is about 99 %, i.e., one of one hundred sequences could not be random.
5.2 TestU01 results
Literature presents another empirical statistical test for uniform PRNGs, which is known as TestU01 [59]. Three predefined batteries of TestU01 are used for bit sequences of the proposed PRNG–PELM, i.e., smallCrush, crush, and bigCrush. In these tests, several P values are calculated to measure the uniformity of RNGs, where values close to 1 mean excessive uniformity and close to 0 mean the opposite situation. Nevertheless, if the P value is very small (less than \(10^{-10}\)), it is clear that the RNG fails the test. Values close to 0 and 1 are considered as accepted. In Table 6, the results of TestU01 based on the three batteries are presented. The results show the effectiveness of the proposed method to produce pseudorandom numbers, which is contrasted with correlation analysis since PRNG–PELM sequences present low correlation.
5.3 Randomness test at graphical level
The randomness of one hundred PRNG sequences of 40,000 bits length (each one) is analyzed at bit level. We use 100 different secret keys selected randomly, and three analyses are presented at graphical level considering some aspects of statistical Federal Information Processing Standard FIPS-140-2 test suite [60]. A brief description of these tests is described as follows:
Test 1 The cryptogram should have the same number of zeros and ones ideally. Figure 11 presents the zeros and ones of one hundred PRNG–PELM sequences with 40,000 bits each one. It shows that the numbers of zeros and ones are presented uniformly and each one is close to 20,000.
Test 2 A sequence of \(m=2,3,4\) bit length with all its possible combinations, i.e., if \(m=3\), \(m\in (000,001, \ldots ,111)\) each sequence must be reproduced by the same probability. In Fig. 12, the average of 100 PRNG–PELM sequences are presented for sequences of 2, 3, and 4 bits length with all its possible combinations.
Test 3 A run of j ones \(0111 \ldots 10\) (the number of contiguous 1’s) is known as a block and a run of j zeros \(1000 \ldots 01\) is called a gap. This test checks whether the number of binary runs or ones appears with the same probability in each cryptogram. Figure 13 shows the results for \(j=1,2,3\), i.e., block of 010, 0110, and 01110, and a gap of 101, 1001, and 10001 in each PRNG–PELM sequence.
In the three cases, the PRNG–PELM sequences present a uniform distribution at bit level. Thus, the high randomness of the proposed PRNG algorithm is achieved at a graphical level.
6 Comparison and robustness analysis
6.1 Comparison analysis
Currently, some PRNGs based on chaotic maps have been proposed in the literature. Although all of them present success in randomness analysis with random test suit, they present just some or null security analysis. A comprehensive security analysis should be considered, since the PRNG could be used in cryptosystems. In Table 7, the comparison of the proposed PRNG–PELM with recent schemes in the literature is presented. Specifically, the proposed scheme presents a complete security analysis and high-speed processing to validate its implementation in secure encryption applications.
6.2 Robustness of the proposed PRNG–PELM
We use 1000 PRNG sequences, and the acceptable interval is between [0.98056, 0.99943] to achieve the requirements of randomness (according to statistical NIST test suit), i.e., at least 980 (98 %) PRNG sequences or more must pass the FIPS 15 tests. According to Rukhin et al. [32], it is recommended that first the Frequency test be successful, since this supplies the most basic evidence for the existence of non-randomness in a sequence, specifically non-uniformity. If this test fails, the likelihood of other tests failing is high. Then, just the frequency test (FT) is presented for the robustness analysis.
We calculate the interval of success in frequency (Monobit) test by 26 different intervals of bit length between 500 and 1,004,000 of bits. In each interval, we use 1000 PRNG sequences produced by 1000 secret keys selected randomly. In Fig. 14, the results of the success frequency test is presented for each test. Therefore, the proposed PRNG scheme is robust, when different bit lengths are required.
7 Conclusion
In this work, we presented a pseudorandomly enhanced logistic map (PELM) and its application in a pseudorandom number generator (PRNG) algorithm. The PELM produced better pseudorandom properties than logistic map according to histogram and Lyapunov exponent. Thus, the proposed pseudorandom number generator based on pseudorandomly enhanced logistic map (PRNG–PELM) algorithm generated 8-bit pseudorandom numbers with high pseudorandomness, security, effectiveness, robustness, and high speed, according to several analysis showed. In addition, the PRNG–PELM algorithm was validated with the most complete randomness test suit.
In contrast to related schemes in the literature, we present several security analysis from a cryptographic point of view, which verify and justify the capabilities of our scheme in security aspects for cryptographic purposes. For example, the key sensitivity analysis indicates the robustness against differential attacks. In this context, the randomness test such as NIST 800-22 is primordial over PRNGs or TRNGs, but security aspects related to cryptography must be considered to increase the capabilities of such schemes in applications of secure communications.
In addition, the proposed algorithm requires less arithmetic operation than all the related PRNG’s schemes in the literature until this time, which presents a high processing output for its implementation in cryptographic embedded applications with limited hardware resources, such as in microcontrollers. Therefore, the proposed PRNG–PELM can be used in several secure cryptographic applications as pseudorandom source for text, images, military, telemedicine, biometrics, computation, industry, electronic payment, personal information, among others.
References
Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28, 656–715 (1949)
Alvarez, G., Li, S.: Some basic cryptographic requirements for chaos-based cryptosystems. Int. J. Bifurcat. Chaos 16, 2129–2151 (2006)
Pareek, N.K., Patidar, V., Sud, K.K.: Image encryption using chaotic logistic map. Image Vision Comput. 24, 926–934 (2006)
Patidar, V., Pareek, N.K., Sud, K.K.: A new substitution-diffusion based image cipher using chaotic standard and logistic maps. Commun. Nonlinear SCI 14, 3056–3075 (2009)
Chen, D., Chang, Y.: A novel image encryption algorithm based on logistic maps. Adv. Inf. Sci. Serv. Sci. 3, 364–372 (2011)
Murillo-Escobar, M.A., Cruz-Hernández, C., Abundiz-Pérez, F., López-Gutiérrez, R.M., Acosta Del Campo, O.R.: A RGB image encryption algorithm based on total plain image characteristics and chaos. Signal Process 109, 119–131 (2015)
Hongjun, L., Xingyuan, W.: Color image encryption based on one-time keys and robust chaotic maps. Comput. Math. Appl. 59, 3320–3327 (2010)
Wang, X., Yang, L., Liu, R., Kadir, A.: A chaotic image encryption algorithm based on perceptron model. Nonlinear Dyn. 62, 615–621 (2010)
Wang, X., Teng, L., Qin, X.: A novel color image encryption algorithm based on chaos. Signal Process 92, 1101–1110 (2012)
Inzunza-González, E., Cruz-Hernández, C.: Double hyperchaotic encryption for security in biometric systems. Nonlinear Dyn. Syst. Theory 13, 55–68 (2013)
Zhou, Y., Bao, L., Philip Chen, C.L.: A new 1D chaotic system for image encryption. Signal Process 97, 172–182 (2014)
Zhang, X., Mao, Y., Zhao, Z.: An efficient chaotic image encryption based on alternate circular S-boxes. Nonlinear Dyn. 78, 359–369 (2014)
Stanciu, M., Datcu, O.: Atmel AVR Microcontroller Implementation of a New Enciphering Algorithm Based on a Chaotic Generalized Hénon Map, 9th International Conference on Communications, pp. 319–322 (2012)
Andreatos, A.S., Volos, C.K.: Secure Text Encryption Based on Hardware Chaotic Noise Generator, 2nd International Conference on Cryptography and Its Applications in the Armed Forces (2014)
Zapateiro De la Hoz, M., Acho, L., Vidal, Y.: An experimental realization of a chaos-based secure communication using Arduino microcontrollers. Sci. World J. 10 pages (2015)
Murillo-Escobar, M.A., Cruz-Hernández, C., Abundiz-Pérez, F., López-Gutiérrez, R.M.: A robust embedded biometric authentication system based on fingerprint and chaotic encryption. Expert Syst. Appl. 42, 8198–8211 (2015)
Murillo-Escobar, M.A., Cruz-Hernández, C., Abundiz-Pérez, F., López-Gutiérrez, R.M.: Implementation of an improved chaotic encryption algorithm for real-time embedded systems by using a 32-bit microcontroller. Microprocess. Microsy. 45, 297–309 (2016)
Sadoudi, S., Azzaz, M.S., Djeddou, M., Benssalah, M.: An FPGA real time implementation of the Chen’s chaotic system for securing chaotic communications. Int. J. Nonlinear Sci. 7, 467–474 (2009)
Pande, A., Zambreno, J.: A chaotic encryption scheme for real time embedded systems: design and implementation. Telecommun. Syst. 52, 551–561 (2011)
Merah, L., Ali-Pacha, A., Said, N.H., Mamat, M.: Design and FPGA implementation of Lorenz chaotic system for information security issues. Appl. Math. Sci. 7, 237–246 (2013)
Arroyo, D., Alvarez, G., Fernandez, V.: On the inadequacy of the logistic map for cryptographic applications. X Reunión Espanola sobre Criptología y Seguridad de la Información, pp 77–82 (2008)
Cristian-Iulian, R., Vasile-Gabriel, I.: Aspects regarding chaotic maps hardware implementations. Revue Roumaine Des Sci. Tech. 52, 219–227 (2007)
Qi, B., Chi, Y.-M., Lo, H.-K., Qian, L.: High-speed quantum random number generation by measuring phase noise of a single-mode laser. Opt. Commun. 325, 165–169 (2010)
Bucci, M., Germani, L., Luzzi, R., Tommasino, P., Trifiletti, A., Varanonuovo, M.: A high-speed IC random-number source for smartcard microcontrollers. IEEE T. Circuits-I 50, 1373–1380 (2003)
Petrie, C.S., Connelly, J.A.: A noise-based IC random number generator for applications in cryptography. IEEE T. Circuits-I 47, 615–621 (2000)
Schindler, W., Killmann, W.: Evaluation criteria for true (physical) random number generators used in cryptographic applications. Lecture Notes in Computer Science, vol. 2523, pp. 431–449. Springer, Berlin (2002)
Uchida, A., et al.: Fast physical random bit generation with chaotic semiconductor lasers. Nat. Photonics 2, 728–732 (2008)
Huang, M., Wang, A., Li, P., Xu, H., Wang, Y.: Real-time 3 Gbit/s true random bit generator based on a super-luminescent diode. Opt. Commun. 325, 165–169 (2014)
Wang, J., Liang, J., Li, P., Yang, L., Wang, Y.: All-optical random number generation using highly nonlinear fibers by numerical simulation. Opt. Commun. 321, 1–5 (2014)
Argyris, A., Pikasis, E., Deligiannidis, S., Syvridis, D.: Sub-Tb/s physical random bit generators based on direct detection of amplified spontaneous emission signals. J. Lightwave Technol. 30, 1329–1334 (2012)
Argyris, A., Deligiannidis, S., Pikasis, E., Bogris, A., Syvridis, D.: Implementation of 140 Gb/s true random bit generator based on a chaotic photonic integrated circuit. Opt. Exp. 18, 728–732 (2010)
Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., Heckert, A., Dray, J., Vo, S.: A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. NIST special publication 800-22 (2001)
Koyuncu, İ., Özcerit A.T.: The design and realization of a new high speed FPGA-based chaotic true random number generator. Comput. Electr. Eng. (2016). doi:10.1016/j.compeleceng.2016.07.005
Avaroğlu, E., Tuncer, T., Özer, A.B., Ergen, B., Türk, M.: A novel chaos-based post-processing for TRNG. Nonlinear Dyn. 81, 189–199 (2015)
Avaroğlu, E., Koyuncu, I., Özer, A.B., Türk, M.: Hybrid pseudo-random number generator for cryptographic systems. Nonlinear Dyn. 82, 239–248 (2015)
Avaroğlu, E., Tuncer, T., Özer, A.B., Türk, M.: A new method for hybrid pseudo random number generator. J. Microelectron. Electron. Compon. Mater. 44, 303–311 (2015)
Tuncer, T., Avaroğlu, E., Türk, M., Özer, A.B.: Implementation of non-periodic sampling true random number generator on FPGA. J. Microelectron. Electron. Compon. Mater. 44, 296–302 (2014)
Wang, Y., Liu, Z., Ma, J.: A pseudorandom number generator based on piecewise logistic map. Nonlinear Dyn. 83, 1–19 (2015)
García-Martínez, C., Campos-Cantón, E.: Pseudo-random bit generator based on multi-modal maps. Nonlinear Dyn. 82, 2119–2131 (2015)
Stoyanov, B., Kordov, K.: Novel secure pseudo-random number generation scheme based on two tinkerbell maps. Adv. Stud. Theor. Phys. 9, 411–421 (2015)
Akhshani, A., Akhavan, A., Mobaraki, A., Lim, S.C., Hassan, Z.: Pseudo random number generator based on quantum chaotic map. Commun. Nonlinear SCI 19, 101–111 (2014)
François, M., Grosges, T., Barchiesi, D.: Pseudo-random number generator based on mixing of three chaotic maps. Commun. Nonlinear SCI 4, 887–895 (2014)
François, M., Defour, D., Negre, C.: A fast chaos-based pseudo-random bit generator using binary 64 floating-point arithmetic. Informatica 38, 115–124 (2014)
Pareek, N.K., Patidar, V., Sud, K.K.: A random bit generator using chaotic maps. Int. J. Netw. Secur. 10, 32–38 (2010)
Pareek, N.K., Patidar, V., Sud, K.K.: A pseudo random bit generator based on chaotic logistic map and its statistical testing. Informatica 33, 441–552 (2009)
Patidar, V., Sud, K.K.: A novel pseudo random bit generator based on chaotic standard map and its testing. Electron. J. Theor. Phys. 6, 327–344 (2009)
Kanso, A., Smaoui, N.: Logistic chaotic maps for binary numbers generations. Chaos Soliton Fract. 40, 2557–2568 (2009)
Andrecut, M.: Logistic map as a random number generator. Int. J. Modern Phys. B 12, 921–930 (1998)
Wang, X.-Y., Xie, Y.-X.: A design of pseudo-random bit generator based on single chaotic system. Int. J. Modern Phys. C 23, 1250024 (2012)
Li, P., Li, Z., Halang, W.A., Chen, G.: A multiple pseudorandom-bit generator based on a spatiotemporal. Phys. Lett. A 349, 467–573 (2006)
Hu, H., Liu, L., Ding, N.: Pseudorandom sequence generator based on the Chen chaotic system. Comput. Phys. Commun. 184, 765–768 (2013)
May, R.M.: Simple mathematical models with very complicated dynamics. Nature 261, 459–467 (1976)
Ulam, S.M., von Neumann, J.: On combination of stochastic and deterministic processes. Bull. Am. Math. Soc. 53, 1120 (1947)
Wolf, A.: Quantifying Chaos with Lyapunov Exponents. Princeton University Press, Princeton. Ch. 13, pp. 273–289 (1986)
Sprott, J.C.: Lyapunov Exponents. Chaos and Time-Series Analysis. Oxford University Press, Oxford. cap. 5 (2003)
Benítez, R., Bolós, V.J., Ramírez, M.E.: A wavelet-based tool for studying non-periodicity. Comput. Math. Appl. 60, 634–641 (2010)
Yang, Y.-G., Xu, P., Yang, R., Zhou, Y.-H., Shi, W.-M.: Quantum Hash function and its application to privacy amplification in quantum key distribution, pseudo-random number generation and image encryption. Sci. Rep. 6, 1–14 (2016)
Ulam, S.M., von Neumann, J.: A new pseudorandom number generator based on complex number chaotic equation. Chin. Phys. B 21, 090506 (2012)
L’Ecuyer, P., Simard, R.: STestU01: a C library for empirical testing of random number generators. ACM Trans Math Softw, 33, article 22 (2007)
NIST, Security requirements for cryptographic modules, FIPS PUB 140-2 (2001). http://csrc.nist.gov/publications/fips/fips140-2/fips1402
Acknowledgments
This work was supported by the CONACYT, México under Research Grant 166654.
Author information
Authors and Affiliations
Corresponding author
Additional information
In Honor of H. Nijmeijer’s 60th Birthday.
Rights and permissions
About this article
Cite this article
Murillo-Escobar, M.A., Cruz-Hernández, C., Cardoza-Avendaño, L. et al. A novel pseudorandom number generator based on pseudorandomly enhanced logistic map. Nonlinear Dyn 87, 407–425 (2017). https://doi.org/10.1007/s11071-016-3051-3
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11071-016-3051-3