New method of producing random numbers could improve cybersecurity

May 16, 2016, University of Texas at Austin
An important application for random numbers is in generating keys for data encryption that are hard for hackers to crack. Credit: James Bowe, via Create Commons Attribution 2.0 Generic license.

With an advance that one cryptography expert called a "masterpiece," University of Texas at Austin computer scientists have developed a new method for producing truly random numbers, a breakthrough that could be used to encrypt data, make electronic voting more secure, conduct statistically significant polls and more accurately simulate complex systems such as Earth's climate.

The new method creates truly random numbers with less computational effort than other methods, which could facilitate significantly higher levels of security for everything from consumer credit card transactions to military communications.

Computer science professor David Zuckerman and graduate student Eshan Chattopadhyay will present research about their method in June at the annual Symposium on Theory of Computing (STOC), the Association for Computing Machinery's premier theoretical computer science conference. An invitation to present at the conference is based on a rigorous peer review process to evaluate the work's correctness and significance. Their paper will be one of three receiving the STOC Best Paper Award.

"This is a problem I've come back to over and over again for more than 20 years," says Zuckerman. "I'm thrilled to have solved it."

Chattopadhyay and Zuckerman publicly released a draft paper describing their method for making random numbers in an online forum last year. In a field more accustomed to small, incremental improvements, the computer science community hailed the method, suggesting that, compared with earlier methods, this one is light years ahead. Oded Goldreich, a professor of computer science at the Weizmann Institute of Science in Israel, commented that even if it had only been a moderate improvement over existing methods, it would have justified a "night-long party."

"When I heard about it, I couldn't sleep," says Yael Kalai, a senior researcher working in cryptography at Microsoft Research New England who has also worked on randomness extraction. "I was so excited. I couldn't believe it. I ran to the (online) archive to look at the paper. It's really a masterpiece."

The new method takes two weakly random sequences of numbers and turns them into one sequence of truly random numbers. Weakly random sequences, such as air temperatures and stock market prices sampled over time, harbor predictable patterns. Truly random sequences have nothing predictable about them, like a coin toss.

The new research seems to defy that old adage in computer programming, "Garbage in, garbage out." In fact, it's the latest, most powerful addition to a class of methods that Zuckerman pioneered in the 1990s called randomness extractors.

Previous versions of randomness extractors were less practical because they either required that one of the two source sequences be truly random (which presents a chicken or the egg problem) or that both source sequences be close to truly random. This new method sidesteps both of those restrictions and allows the use of two sequences that are only weakly random.

An important application for random numbers is in generating keys for data encryption that are hard for hackers to crack. Data encryption is critical for making secure credit card purchases and bank transactions, keeping personal medical data private and shielding military communications from enemies, among many practical applications.

Zuckerman says that although there are already methods for producing high-quality random numbers, they are very computationally demanding. His method produces higher quality randomness with less effort.

"One common way that encryption is misused is by not using high-quality randomness," says Zuckerman. "So in that sense, by making it easier to get high-quality randomness, our methods could improve security."

Their paper shows how to generate only one truly random number—akin to one coin toss—but Zuckerman's former student Xin Li has already demonstrated how to expand it to create sequences of many more .

The website where Zuckerman and Chattopadhyay posted their draft last summer, called the Electronic Colloquium on Computational Complexity, allows researchers to share their work and receive feedback before publishing final versions in journals or at conferences. Computer scientists and mathematicians have been carefully reviewing the article, providing suggestions and even extending the to make it more powerful.

Explore further: The quest for true randomness and uncrackable codes

Related Stories

Recommended for you

Technology near for real-time TV political fact checks

January 18, 2019

A Duke University team expects to have a product available for election year that will allow television networks to offer real-time fact checks onscreen when a politician makes a questionable claim during a speech or debate.

Privacy becomes a selling point at tech show

January 7, 2019

Apple is not among the exhibitors at the 2019 Consumer Electronics Show, but that didn't prevent the iPhone maker from sending a message to attendees on a large billboard.

China's Huawei unveils chip for global big data market

January 7, 2019

Huawei Technologies Ltd. showed off a new processor chip for data centers and cloud computing Monday, expanding into new and growing markets despite Western warnings the company might be a security risk.

2 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

dirk_bruere
3.7 / 5 (3) May 17, 2016
So how does it work?
antialias_physorg
3.7 / 5 (3) May 17, 2016
Here's a link to their draft paper
http://eccc.hpi-w...015/119/

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.