Measuring the Insertion Attack Effect on Randomness Property of AES-based Pseudorandom Generator

Santi Indarjani¹⁺ and Belawati Widjaja²

¹ National Crypto Institute
² Faculty of Computer Science, University of Indonesia

⁺ Santi Indarjani. Tel.: +622186600645; fax: +62251-8541720. E-mail address: santi_indarjani@yahoo.com

2012 4th International Conference on Computer Engineering and Technology (ICCET 2012), IPCSIT vol. 40 (2012) © (2012) IACSIT Press, Singapore

Abstract. A random or pseudorandom number generator (RNG/PRNG), as the heart of a cryptographic system, is a potential target for an adversary seeking to undermine the system's security. The attack can be performed actively through an insertion attack on the random outputs to reduce or even eliminate the randomness property. In this paper, we study the behavior of the AES-based pseudorandom generator, for all variants with OFB, CFB and CTR modes, against the insertion attack. The insertion attack is performed at five levels of insertion block (32-bit, 64-bit, 128-bit, 256-bit and 512-bit), by inserting 1 to 3 bits in a random manner. The inserted bits and the insertion locations are taken from a (different) random sequence, where the location is determined by the formula ²log n (n is the insertion block). The tests consist of a randomness test and a statistical distance test on the random sequences before and after the insertion attack. The randomness test uses the NIST randomness tool with significance level α = 0.01. We use 1000 samples of length 10^6 bits for each variant. The results of the randomness tests show that the insertion attack does not have a significant effect on the randomness property of the AES-based PRNG: only about 21.48% of all samples failed at most 3 tests in a single experiment. The second tests are still in progress, but preliminary results show that the sequences before and after the insertion attack are indistinguishable under ε = 0.01, which leads to the conclusion that the AES-based PRNG is still random after the insertion attack.

Keywords: pseudorandom generator, randomness, insertion attack, encryption mode, statistical distance.

1. Introduction

Information is a critical asset that needs to be secured comprehensively and properly, which cannot be separated from cryptographic applications that assure the confidentiality, integrity, authentication and non-repudiation services [1]. A random number generator (RNG) or pseudorandom generator (PRNG) is the heart of a cryptographic system because it provides the secret key, nonce, IV, or other input parameters needed in cryptographic applications [2]. Any weakness in the RNG/PRNG automatically weakens the system. This critical component is therefore a potential target for an adversary who wants to reduce the system's security.

Randomness is also needed in many applications outside cryptography. For example, in a network system, data packets are transmitted at almost the same time, differing only by a small amount of time that is determined from a random sequence. With no collision in transmission time, all the packets are delivered properly without colliding, which avoids data corruption [3].

In some cases generating a truly random sequence with a (true) RNG is not practical, so a PRNG is preferred. Another problem is the possibility that the RNG/PRNG in use is being attacked. An adversary could find a way to compromise the input key (seed) or to manipulate the output in order to reduce the randomness property, for example through an insertion attack. The question is: what is the effect of an insertion attack on the randomness property of an RNG or PRNG? This paper examines the effect of the insertion attack on the randomness property of the AES-based PRNG, for all variants with OFB, CFB or CTR mode, by comparing the statistical properties before and after the insertion attack.
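The before/after comparison described above can be reproduced in miniature with the following added example, which is not the authors' code. Its assumptions: a SHA-256 counter-mode stream stands in for the AES-based generator, ²log n is read as log2(n) bits of the second sequence selecting each insertion position, the number of inserted bits k is fixed per run, and statistical distance is measured over 4-bit pattern frequencies; all function names and seeds are constructed for illustration.

```python
import hashlib
import math
from collections import Counter

def stream_bits(seed, nbits):
    """Stand-in generator (assumption): SHA-256 in counter mode, not the paper's AES modes."""
    out, ctr = bytearray(), 0
    while len(out) * 8 < nbits:
        out += hashlib.sha256(seed + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return [(b >> (7 - i)) & 1 for b in out for i in range(8)][:nbits]

def insert_bits(seq, aux, n, k):
    """Insert k bits from aux into every full n-bit block of seq.
    Each position is the next log2(n) bits of aux read as an integer (assumed reading)."""
    w = n.bit_length() - 1          # log2(n) for n a power of two
    src = iter(aux)
    out = []
    full = len(seq) - len(seq) % n
    for start in range(0, full, n):
        block = seq[start:start + n]
        for _ in range(k):
            pos = int("".join(str(next(src)) for _ in range(w)), 2)
            block.insert(pos, next(src))
        out.extend(block)
    return out + seq[full:]         # a trailing partial block is left untouched

def monobit_p(bits):
    """p-value of the NIST SP 800-22 frequency (monobit) test."""
    s = sum(2 * b - 1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(2 * len(bits)))

def stat_distance(a, b, m=4):
    """Statistical (total variation) distance between m-bit pattern frequencies."""
    def freq(bits):
        c = Counter(tuple(bits[i:i + m]) for i in range(0, len(bits) - m + 1, m))
        total = sum(c.values())
        return {p: v / total for p, v in c.items()}
    fa, fb = freq(a), freq(b)
    return 0.5 * sum(abs(fa.get(p, 0) - fb.get(p, 0)) for p in set(fa) | set(fb))

def experiment(n, k, nbits=10**6):
    before = stream_bits(b"constructed-seed-A", nbits)   # sequence under test
    aux = stream_bits(b"constructed-seed-B", nbits)      # different random sequence
    after = insert_bits(before, aux, n, k)
    return len(after), monobit_p(before), monobit_p(after), stat_distance(before, after)

if __name__ == "__main__":
    for n in (32, 64, 128, 256, 512):
        print(n, experiment(n, 3))
```

Each output row gives the block size, the length after insertion, the monobit p-values before and after (to be compared with α = 0.01), and the statistical distance (to be compared with ε = 0.01).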