Random Number Generation (RNG) is the cornerstone primitive for most security applications. The design of Random Number Generators, whether hardware-based or fully software, is at the core of our expertise.
Give us the instruction set of your microcontroller and we do the rest.
We have more than 16 years of experience in developing and delivering cycle-accurate optimized cryptographic libraries. Our software can be declined on a variety of hardware platforms and support standard and advanced cryptographic algorithms.
Certifying your RNG should not be a random process!
CryptoExperts offers consulting services to evaluate the security of RNG implementations. Do you have your own RNG legacy and need to undergo a AIS20/31 or FIPS 140-2 certification process? We can help you put together the appropriate security arguments as a source for your certification documents.
Don't give bad randomness a chance.
Any cryptographic algorithm requires randomness at some point. And it's better be good! Even the most advanced cryptosystem will eventually fail if associated with a bad TRNG or PRNG, putting at risk the full stack of security measures you carefully crafted. Hopefully, we've got you covered.
Security by design is not an abstract concept.
Beware of alleged "military grade secure" products. It is one thing to use AES-256 or RSA-4096, using it correctly is a different kettle of fish.
We can help you build innovative products that require any standard or advanced cryptographic tools, such as elliptic curves, identity-based encryption, anonymous signatures, e-cash, DRM, Pay-TV and many others.
Forward/backward-secure deterministic RNGs
Deterministic (aka. pseudorandom) Random Number Generators (DRNG, DRBG) are cryptographic constructions that create pseudorandom binary sequences from a short internal state. Several approaches based on block ciphers, hash functions or particular mechanisms coexist among current best practices and industry standards.
Although approved DRNGs are subject to strong security expectations, not all of them achieve the best possible security level known as backward secrecy (BSI’s terminology) which states that numbers generated in the past must remain unpredictable when the current internal state is compromised. Our DRNG designs achieve that remarkable property and their concrete security level is guaranteed using security proving.
Post-processing for hardware TRNGs
Physical/Hardware/True RNGs compose a source of digitized noise together with a post-processing hardware module to realize random generation with high entropy. Most commonly found approaches for post-processing are empiric and have no security argument other than passing a number of approved statistical tests. Because we strongly believe that the security-by-design approach is by far the most powerful and preferable, CryptoExperts has developed a post-processing technology which combines the cost-effectiveness of a lightweight hardware implementation with proven randomness properties. Our post-processing design can be combined with any physical noise to get a TRNG with high-entropy output. Our design offers full robustness against attacks attempting to corrupt the noise source by influencing environment variables (temperature, voltage, frequency, etc.) in which the RNG operates.
AIS-20/31 certification readiness
All our RNG and post-processing designs are tailored to satisfy AIS20/31 requirements (PTG.1/2/3, DRG.1/2/3/4). Are you planning on going through a certification? CryptoExperts will provide you with technical support all along the process. Getting your certificate is not a matter of chance!