Theoretical justification and practical implementation of entropy extractors based on national cryptographic algorithms
DOI:
https://doi.org/10.30837/rt.2025.4.223.02Keywords:
extractors, entropy extraction, noise source, random sequences, symmetric encryption, hash functions, entropy estimationAbstract
Improving the process of obtaining randomness requires special attention in modern cryptographic systems and primitives. This is because random data that does not meet the requirements can significantly weaken or compromise cryptographic applications. Therefore, it is necessary to calculate keys and parameters of cryptographic transformations based on the use of verified randomness, as well as to standardize and certify methods and means of generating random sequences and numbers.
Currently, there is a high demand not only for new sources of randomness, but also for methods and means that can obtain sequences with good randomness properties from samples from such sources. This task is accomplished by entropy extractors. The NIST Special Publication 800-90B defines the procedure for collecting and evaluating entropy from relevant noise sources, as well as the procedure for applying entropy extraction to the obtained data so that the result meets certain requirements for entropy per bit, uniformity, and unpredictability.
The most important step in building an entropy extractor is choosing the proper noise source, as it contains a non-deterministic process that provides entropy and is essentially the basis of security for the entropy source and for the RNG as a whole. If the non-deterministic activity of the NS produces something other than binary data, the sampling process includes a digitization process.
Other essential steps in building an extractor include evaluating the entropy at the output of the selected noise source and then applying trusted cryptographic primitives to obtain uniform data with the required amount of entropy based on the noise source outputs.
The paper analyzes existing recommendations for constructing entropy extractors based on cryptographic primitives, provides a theoretical justification for the possibility of using national algorithms as such extractors, and gives examples of practical implementation of extractors based on national cryptographic algorithms.
Further research plans include developing a block_cipher_df extraction algorithm based on the Kalyna block cipher algorithm mentioned in this study, verification of the compliance of extractor outputs based on national cryptographic algorithms with the entropy requirements, as well as the application of extractor output extension components based on national algorithms to obtain sequences of arbitrary length.
References
Turan M.S., Barker E., Kelsey J., McKay K., Baish M., Boyle M. (2018). NIST SP 800-90B. Recommenda-tion for the Entropy Sources Used for Random Bit Generation. Available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf
Rodríguez L., Madarro-Capó E., Legón-Pérez C., Rojas O., Sosa-Gómez G. (2021). Selecting an Effective Entropy Estimator for Short Sequences of Bits and Bytes with Maximum Entropy. Available at: https://doi.org/10.3390/e23050561
Skorski M. (2016). Improved Estimation of Collision Entropy in High and Low-Entropy Regimes and Applications to Anomaly Detection. Available at: https://eprint.iacr.org/2016/1035.pdf
ДСТУ 7564:2014. Інформаційні технології. Криптографічний захист інформації. Функція гешування. (2015).
ДСТУ 7624:2014. Інформаційні технології. Криптографічний захист інформації. Алгоритм симетрич-ного блокового перетворення. (2016).
Müller S., Mayer S., Dr. Holz C., Dr. Hohenegger A. (2022). Documentation and Analysis of the Linux Random Number Generator. Version 5.0. Available at: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/LinuxRNG/LinuxRNG_EN_V5_0.pdf?__blob=publicationFile&v=3
Müller S. (2025). Linux/dev/random–ANewApproach. Available at: https://www.chronox.de/lrng/releases/v59/lrng-v59.pdf
Barker E., Kelsey J. (2015). NIST SP 800-90A Rev. 1. Recommendation for Random Number Generation Using Deterministic Random Bit Generators. NIST. Available at: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf
ДСТУ 8845:2019. Інформаційні технології. Криптографічний захист інформації. Алгоритм симетрич-ного потокового перетворення. (2019).
FIPS PUB 198-1. (2008). The Keyed-Hash Message Authentication Code (HMAC). Available at: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.198-1.pdf
Krawczyk H., Bellare M., Canetti R. (1997). RFC 2104. HMAC: Keyed-Hashing for Message Authentication. Available at: https://datatracker.ietf.org/doc/html/rfc2104
Downloads
Published
How to Cite
Issue
Section
License
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
