## Abstract

An acceptable way to assess the quality of an RNG (PRNG) is to apply a standard battery of statistical randomness tests to a sampled output. Such tests compare some observed properties of the sample to properties of a uniform distribution, in the hope of detecting deviations from the expected behavior. Consider a (P)RNG that outputs M-bit values which, due to a failure or an attack, are coerced to a subset of {0, 1}^{M} of only 2^{n} elements, for some n < M. Such outputs are predictable with a probability of at least 2^{-n} > 2^{-M}, but the standard randomness tests do not necessarily detect this behavior. We show here deterministic M-bit sequences (M = 128) that belong to a subset of size 2^{n}, but pass the DIEHARD Battery of Tests of Randomness [1] and the NIST Statistical Test Suite [2], even with a relatively small value of n = 29. To address the difficulty, we propose a detection method that is feasible even for large values of n (e.g., n = 64). As a practical example, we apply our method to rule out the existence of the speculative stealthy hardware Trojan that is discussed in [3].
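The gap the abstract describes can be reproduced at small scale. The sketch below is an added example, not code from the paper: the abstract does not say how its detection method works, so counting repeated outputs (a birthday-bound check) is an assumption made here, as are the hash-based sources, all function names, and the reduced n = 20 chosen so it runs quickly.

```python
import hashlib
import math
from collections import Counter

M_BYTES = 16  # M = 128-bit outputs, as in the abstract


def _h(tag: bytes, i: int) -> bytes:
    return hashlib.sha256(tag + str(i).encode()).digest()


def coerced_output(i: int, n: int) -> bytes:
    """Constructed degraded source: each 128-bit output is fixed by an n-bit state."""
    state = int.from_bytes(_h(b"state|", i)[:8], "big") % (1 << n)
    return _h(b"out|", state)[:M_BYTES]


def healthy_output(i: int) -> bytes:
    """Constructed reference source with no restriction on its outputs."""
    return _h(b"full|", i)[:M_BYTES]


def monobit_p_value(samples) -> float:
    """Frequency (monobit) test p-value over every sampled bit."""
    bits = 8 * M_BYTES * len(samples)
    ones = sum(bin(int.from_bytes(s, "big")).count("1") for s in samples)
    return math.erfc(abs(2 * ones - bits) / math.sqrt(bits) / math.sqrt(2))


def repeated_values(samples) -> int:
    """Number of outputs that duplicate an earlier output."""
    return sum(c - 1 for c in Counter(samples).values())


def expected_repeats(k: int, space_bits: int) -> float:
    """Birthday estimate of repeats among k uniform draws from 2**space_bits values."""
    return k * (k - 1) / 2 / 2 ** space_bits


def run_demo(n: int = 20, k: int = 8192) -> dict:
    weak = [coerced_output(i, n) for i in range(k)]
    good = [healthy_output(i) for i in range(k)]
    return {
        "weak_monobit_p": monobit_p_value(weak),
        "good_monobit_p": monobit_p_value(good),
        "weak_repeats": repeated_values(weak),
        "good_repeats": repeated_values(good),
        "repeats_expected_if_n_bits": expected_repeats(k, n),
    }


if __name__ == "__main__":
    print(run_demo())
```

Roughly 2^(n/2) samples are enough for repeats to appear, which is why a check of this kind stays practical where a frequency statistic sees nothing unusual.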

| Original language | English |
|---|---|
| Pages (from-to) | 289-294 |
| Number of pages | 6 |
| Journal | IEEE Transactions on Dependable and Secure Computing |
| Volume | 15 |
| Issue number | 2 |
| State | Published - 2016 |

### Bibliographical note

Funding Information: The authors thank Georg Becker and Christof Paar (authors of [3]) for sharing information on the parameters that were used with the NIST Statistical Test Suite, for confirming that our model matched the model that was used in [3], and for many other valuable discussions. They also thank two anonymous referees for their useful comments. This research was supported by the PQCRYPTO project, which was partially funded by the European Commission Horizon 2020 research Programme, grant #645622, and by the Blavatnik Interdisciplinary Cyber Research Center (ICRC) at the Tel Aviv University.

Publisher Copyright: © 2004-2012 IEEE.

## Keywords

- Error-checking
- random number generation
- statistical computing
- testing strategies

## ASJC Scopus subject areas

- Electrical and Electronic Engineering