XDRBG: A Proposed Deterministic Random Bit Generator Based on Any XOF

Author(s)

John M. Kelsey, Stefan Lucks

Abstract

A deterministic random bit generator (DRBG) generates pseudorandom bits from an unpredictable seed, i.e. a seed drawn from any random source with sufficient entropy. The current paper formalizes a security notion for a DRBG, allowing the attacker to compromise the internal state of the DRBG, requiring the DRBG to maintain the security of output bits generated prior to the compromise, and also requiring the DRBG to recover from a state compromise once a new random seed becomes available to the DRBG. The paper proposes xdrbg, a new DRBG based on any eXtended Output Function (XOF), and proves the security of xdrbg in the ideal-XOF model. The proven bounds are tight, as demonstrated by matching attacks. The paper also discusses the security of xdrbg against quantum attackers. Finally, the paper proposes concrete instantiations of xdrbg, employing either the SHAKE128 or the SHAKE256 XOFs. Alternative instantiations suitable for lightweight applications can be based on ASCON.
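The two requirements in the abstract (security of output produced before a state compromise, and recovery once a fresh seed is absorbed) are easiest to see on a small XOF-based generator. The following is an added illustration written for this page; it is not the paper's xdrbg construction, and its state length and the single-byte domain-separation tags are assumptions made here. It uses SHAKE256 from Python's standard library as the XOF. Each generate call squeezes a fresh state and the output from one XOF invocation, so the old state is never kept, and reseed folds new entropy into the state. The demo function models an attacker who copies the internal state: that copy predicts the next output exactly until a reseed with entropy the attacker does not hold, after which the prediction fails.

```python
import hashlib

STATE_LEN = 64  # bytes of internal state; an assumption for this toy, not the paper's parameter


class ToyXofDrbg:
    """Simplified XOF-based DRBG for illustration (not the paper's xdrbg)."""

    # Single-byte tags give instantiate / reseed / generate distinct XOF inputs.
    # These tags are a constructed convention for this example only.
    TAG_INIT = b"\x01"
    TAG_RESEED = b"\x02"
    TAG_GEN = b"\x03"

    def __init__(self, seed: bytes, xof=hashlib.shake_256):
        self.xof = xof
        # Instantiate: derive the initial state from the seed.
        self.state = self.xof(self.TAG_INIT + seed).digest(STATE_LEN)

    def reseed(self, fresh_seed: bytes) -> None:
        # Absorb new entropy together with the current state. The state is
        # fixed-length, so state || seed parses unambiguously.
        self.state = self.xof(self.TAG_RESEED + self.state + fresh_seed).digest(STATE_LEN)

    def generate(self, n: int) -> bytes:
        # One XOF call yields the next state followed by n output bytes.
        # The previous state is overwritten, so a later compromise does not
        # reveal it (the XOF is one-way on its input).
        squeezed = self.xof(self.TAG_GEN + self.state).digest(STATE_LEN + n)
        self.state = squeezed[:STATE_LEN]
        return squeezed[STATE_LEN:]

    def clone(self) -> "ToyXofDrbg":
        # Models an attacker who has read the full internal state.
        other = ToyXofDrbg.__new__(ToyXofDrbg)
        other.xof = self.xof
        other.state = self.state
        return other


def is_deterministic(seed: bytes, n: int = 32) -> bool:
    """Same seed, same output: the generator is deterministic by construction."""
    a, b = ToyXofDrbg(seed), ToyXofDrbg(seed)
    return a.generate(n) == b.generate(n)


def compromise_and_recovery_demo(seed: bytes, fresh_seed: bytes) -> dict:
    """Show what a state compromise buys an attacker, and what a reseed takes away.

    Returns a dict of booleans describing each step."""
    drbg = ToyXofDrbg(seed)
    out_before = drbg.generate(32)

    # Attacker copies the state after out_before was produced.
    attacker = drbg.clone()

    # Without a reseed, the copy predicts the next output exactly.
    predicted = attacker.generate(32)
    actual = drbg.generate(32)
    predicts_next_output = predicted == actual

    # out_before came from the state that was already overwritten; the
    # attacker's copy never contains it and cannot regenerate it.
    attacker_sees_past_output = out_before in (predicted, actual)

    # The generator absorbs entropy the attacker does not have.
    drbg.reseed(fresh_seed)
    predicts_after_reseed = attacker.generate(32) == drbg.generate(32)

    return {
        "predicts_next_output": predicts_next_output,
        "attacker_sees_past_output": attacker_sees_past_output,
        "predicts_after_reseed": predicts_after_reseed,
    }


if __name__ == "__main__":
    # Constructed seeds for the demonstration; a real deployment draws these
    # from an entropy source.
    demo_seed = b"constructed-seed-for-demo-00000000000000"
    demo_fresh = b"constructed-fresh-entropy-1111111111111111"
    print("deterministic:", is_deterministic(demo_seed))
    print(compromise_and_recovery_demo(demo_seed, demo_fresh))
```

The dict from compromise_and_recovery_demo reads as the two properties in the abstract: predicts_next_output is True because a compromised state exposes everything generated until the next reseed, attacker_sees_past_output is False because the earlier state was overwritten, and predicts_after_reseed is False because recovery only needs one fresh seed that the attacker did not observe.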
Citation

IACR Transactions on Symmetric Cryptology, Volume 2024, Issue 1

Keywords

pseudorandom bit generation; forward security; backward security; extendable output function (XOF)

Citation

Kelsey, J. and Lucks, S. (2024), XDRBG: A Proposed Deterministic Random Bit Generator Based on Any XOF, IACR Transactions on Symmetric Cryptology, [online], https://doi.org/10.46586/tosc.v2024.i1.5-34, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=956236 (Accessed September 11, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created March 1, 2024, Updated August 21, 2024