On Random Number Generation for Kernel Applications

TL;DR

This paper introduces KCS-PRNG, a cryptographically secure pseudorandom number generator designed for kernel applications, featuring novel elliptic curves and clock-controlled LFSRs to produce statistically secure, non-reproducible random bits.

Contribution

The paper proposes a new CSPRNG with a unique configuration using verified elliptic curves and clock-controlled LFSRs, enhancing security and efficiency for kernel use.

Findings

Generated bitstreams are statistically indistinguishable from true randomness.

The KCS-PRNG is provably secure and resilient to attacks.

Exhibits exponential linear complexity, large period, and extensive key space.

Abstract

An operating system kernel uses cryptographically secure pseudorandom number generator for creating address space localization randomization offsets to protect memory addresses to processes from exploration, storing users' password securely and creating cryptographic keys. The paper proposes a CSPRNG called KCS-PRNG which produces non-reproducible bitstreams. The proposed KCS-PRNG presents an efficient design uniquely configured with two new non-standard and verified elliptic curves and clock-controlled linear feedback shift registers and a novel method to consistently generate non-reproducible random bits of arbitrary lengths. The generated bit streams are statistically indistinguishable from true random bitstreams and provably secure, resilient to important attacks, exhibits backward and forward secrecy, exhibits exponential linear complexity, large period and huge key space.