Optimisation heuristics in randomness testing

Karel Kubíček, master thesis, spring 2017

Keywords: randomness testing, cryptanalysis, block functions, stream functions, hash functions, problem optimization, metaheuristics

Abstract:

A detectable non-randomness of cryptoprimitive's output signals a bias of the cryptographic function. This bias may signal deeper security issues of the primitive. Therefore, statistical testing of randomness is one of the automated ways of cryptanalysis. Randomness assessment by statistical batteries is an example of such automated cryptanalysis. Research tool EACirc developed at Faculty of Informatics, Masaryk University aims to design the randomness tests, which adapts to the tested data. The tool utilises a simple heuristic based on local search. This thesis researches other metaheuristics and their influence on EACirc's success rate. In extension, proof of concept artificial neural network for randomness testing was analysed.

This thesis has three main contributions. The first is a development of a testbed of 16 well-known cryptographic functions used for randomness testing comparison. The second is an extension of EACirc by three new metaheuristics. One of them, called guided local search, outperforms all the others in terms of its success rate. The third contribution is an analysis of randomness tests produced by EACirc computation. Successful tests contain evidence of the bias in the tested data. The influence of tested metaheuristics on the complexity of these tests is analysed. It is shown that the guided local search produces the least complex tests, such that allow easier cryptanalysis.

• Download thesis pdf, presentation will be added after thesis defence
• Download dataset
• List of tools:
  • EACirc (metaheuristics branch)
  • Generator
  • Neural network
  • Automation scripts