XDRBG: A Proposed Deterministic Random Bit Generator Based on Any XOF

Authors

  • John Kelsey National Institute of Standards and Technology (NIST), Gaithersburg, USA; COSIC, KU Leuven, Leuven, Belgium
  • Stefan Lucks Bauhaus-Universität, Weimar, Germany
  • Stephan Müller atsec information security corp, Austin, USA

DOI:

https://doi.org/10.46586/tosc.v2024.i1.5-34

Keywords:

pseudorandom bit generation, forward security, backward security, extendable output function (XOF)

Abstract

A deterministic random bit generator (DRBG) generates pseudorandom bits from an unpredictable seed, i.e., a seed drawn from any random source with sufficient entropy. The current paper formalizes a security notion for a DRBG, in which an attacker may make any legal sequence of requests to the DRBG and sometimes compromise the DRBG state, but should still not be able to distingush DRBG outputs from ideal random bits. The paper proposes XDRBG, a new DRBG based on any eXtendable Output Function (XOF) and proves the security of the XDRBG in the ideal-XOF model. The proven bounds are tight, as demonstrated by matching attacks. The paper also discusses the security of XDRBG against quantum attackers. Finally, the paper proposes concrete instantiations of XDRBG, employing either the SHAKE128 or the SHAKE256 XDRBG. Alternative instantiations suitable for lightweight applications can be based on ASCON.

Downloads

Published

2024-03-01

How to Cite

Kelsey, J., Lucks, S., & Müller, S. (2024). XDRBG: A Proposed Deterministic Random Bit Generator Based on Any XOF. IACR Transactions on Symmetric Cryptology, 2024(1), 5–34. https://doi.org/10.46586/tosc.v2024.i1.5-34

Issue

Vol. 2024 No. 1

Section

Articles

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.