Method and apparatus for verifying and diversifying randomness

Assignee

• Apple Inc. · US

Inventors

• Pierre Betouin · Boulogne, FR
• Mathieu Ciet · Paris, FR
• Augustin J. Farrugia · Cupertino, US
• Gianpaolo Fasoli · Palo Alto, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/603
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Method and apparatus for ensuring randomness of pseudo-random numbers generated by a conventional computer operating system or electronic device. Typically pseudo-random number generators used in computer operating systems or electronic devices may be penetrated by a hacker (pirate), who penetrates a cryptographic or other supposedly secure process using the random numbers by tampering with the input random numbers, thus making them nonrandom. The present method and apparatus are intended to verify such random numbers to make sure that they are indeed random enough, by applying suitable random tests. Only if the values pass the test are they passed on for use in the cryptographic or other process. If they fail the test, a new set of random numbers is requested from the pseudo-random number generator. These are again tested. Further a diversity function may be applied to the random numbers even if they have passed the random number test in order to improve their randomness. This diversity function is for instance double encryption. An anti-replay feature is also included by which the pool of random numbers is subject to a check on each cycle to make sure that there has been no dupli…