MPEMathematical Problems in Engineering1563-51471024-123XHindawi Publishing Corporation93180210.1155/2012/931802931802Research ArticleA Novel True Random Number Generator Based on Mouse Movement and a One-Dimensional Chaotic MapXingyuanWangXueQinLinTengLenciStefanoFaculty of Electronic Information and Electrical EngineeringDalian University of Technology Dalian 116024Chinadlut.edu.cn201222201220121407201119102011261020112012Copyright © 2012 Wang Xingyuan et al.This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

We propose a novel true random number generator using mouse movement and a one-dimensional chaotic map. We utilize the x-coordinate of the mouse movement to be the length of an iteration segment of our TRNs and the y-coordinate to be the initial value of this iteration segment. And, when it iterates, we perturb the parameter with the real value produced by the TRNG itself. And we find that the TRNG we proposed conquers several flaws of some former mouse-based TRNGs. At last we take experiments and test the randomness of our algorithm with the NIST statistical test suite; results illustrate that our TRNG is suitable to produce true random numbers (TRNs) on universal personal computers (PCs).

1. Introduction

Random number generators (RNGs) have been widely used in recently science and technology, such as simulation, sampling, numerical analysis, computer programming, decision making, recreation, cryptographic protocols, and cryptosystems . RNGs have two basic types: true random number generators (TRNGs) and pseudorandom number generators (PRNGs). TRNGs produce true random numbers, which are nondeterministic. That means even if all the previous values have been gotten, the next value is unpredicted. PRNGs, on the contrary, are deterministic. The pseudorandom numbers (PRNs) are generated by deterministic programs and an input called seed and can be predicted by post-time series. Because TRNGs have better security property, in the higher security required areas, like generating cryptographic keys and initialization variables in cryptographic protocols, and so forth, TPRGs are irreplaceable.

However, it is widely known that TRNGs need a certain physical phenomena, like thermal noise [8, 9], atmospheric noise [10, 11], and coin tossing . So if one wants to utilize the above methods to produce true random numbers (TRNs) in a personal computer (PC), which is the most widely used platform, additional equipments must be required. It is impossible in short-finance situation. So we turn to figure out the problem by using the existed equipments. We consider mouse a proper source for TRNs, because it is used universally and it produces a real random source. People move mouse in a true random pattern, and others could hardly tell the regulation of it. Even the attackers get the pattern of the past mouse movement, they cannot tell the following action the user will take. Thus, mouse appears to be a TRNG, and an increasing number of researches are focusing at this field.

Hu et al.  and Zhou et al.  talk about the algorithms of generating TRNs based on mouse movement and chaotic cryptography, respectively. In literature , Hu et al. provide three approaches to postprocess the mouse movement pattern, and one way to transform mouse movement pattern to digital numbers. Experiment results show that their methods pass statistical tests. However, in literature , Zhou et al. also provide three approaches, two of which are different from the approaches in literature , while one of which is the same. Although two of approaches in literature  and all of those in literature  can pass the randomness test, there are some drawbacks of their algorithms. Firstly, their methods require proper movement numbers of mouse movement pattern; neither too much or too little will break the security of the algorithm. This is because their postprocess way is generally a way to count pixels of the image, so if the image’s pixels’ distribution is not uniform, the produced TRNs are not uniform, either. Thus, the produced RNs cannot pass statistical tests  and be provided randomness. That is to say, the TRNs’ properties rely on the mouse-produced image’s properties. Combining this reason and the issue of key space, literature  requires the number of points of samples to be between 256 and 1024, which limits user’s action, and is inconvenient. Second, the “MASK” method, which is considered by that first paper as the best approach among the three methods of that paper and concluded that it is able to practice in common PC applications, is a parallel image encryption algorithm ; it is not suitable for using on a one-element PC. Plus, the tent-map-based approach (TMA) contained in literature  is evaluated by the author that is unconvinced for users, since it can only produce a 104-bit random number with a single mouse movement. As well as the other method mentioned in literature , the free forward-feedback nonlinear digital filter method (FFNF) is also not suitable for usage because of its low speed. And the discrete 2D chaotic map permutation method in literature  has not also been considered random at all. Thus, we just need to compare the left two approaches, the Spatiotemporal chaos method in literature  and the New approach based on tent map method (NPTM) in literature .

Here we propose a simple algorithm of TRNGs based on user’s mouse movement and a one-dimensional chaotic map. We utilize the x-coordinate to be the length of an iteration segment of our TRNs and y-coordinate to be the initial value of this iteration segment. And, when it iterates, we perturb the parameter. We take some experiments and a NIST statistical suite to test the randomness of this TRNG and compare it to the two methods mentioned above. Results show that our algorithm is random and most of the randomness properties are better than the two methods. Plus, the time cost of our algorithm is even lower. And also, our algorithm needs no additional equipments. Therefore, we can conclude that our algorithm is an effective and practicable method to produce TRNs for universal computers.

2. Introduction of the One-Dimensional Chaotic Map

In 2009, Aguirregabiria proposed a class of one-dimensional smooth map , which is depicted as follows. It has a good property that, in a certain parameter interval, this class of maps has positive Lyapunov exponent:fr(x)=(1+r)f(x)f(c)+rf(x), here f should accord in three conditions:

f:[0,1][0,1] of class C3,

the Schwarzian derivative is negative in the whole interval. Schwarzian derivative is defined as Sf(x)=f(x)f(x)-32(f(x)f(x))2,

f is a unimodal map and f(0)=f(1)=0. That is to say, the map increases from f(0)=0, when it comes to the maximum f(c), c(0,1), the map begins to decrease until f(1)=0 again.

When map satisfies the three conditions above, we call the map “S-unimodal” .

Take f(x)=x(1-x), for example, and in the rest of this paper, f(x) is also defined as that. Then, by the proof in literature , the function fr(x) has positive Lyapunov exponent in the interval (-0.75,+). We draw the Lyapunov exponent in Figure 1(a) by computing numerically byλ=limN1Nn=1Nln|fr(xn)|.

The curves of Lyapunov exponent.

Map (1) for r(-1,100)

Map (4) for r(-30,70), k=30

And then, we use a modified class of one-dimensional maps in (2.4), here k is the expansion coefficient of r on negative axle:frk=(k+r)f(x)kf(c)+rf(x).

By simple calculation, one can find out that when r>k, frk is S-unimodal, too. Here we take k=30; one can see that frk has positive Lyapunov exponent λ showed in Figure 1(b), when r>-22.5. And in the rest of this paper, we are likely to use these parameters to build our TRNG.

3. TRNGs Algorithm Based on Mouse Movement

Here we are going to depict our algorithm carefully. We firstly choose the one-dimensional map depicted before to be the iteration map of our TRNGs algorithm. We then get the pattern of the mouse movement showed in Figure 2, which is the material of our TRNGs. We utilize the points of mouse movement, which construct Figure 2. We consider the x-coordinate of a point to be the numbers of the iteration and the y-coordinate to be the initial of the iteration. So that one point can deduce a sequence of numbers, which is produced by iterations. The more points the mouse moving, the more sequences will be produced. And as the initial value and the numbers of one iteration are totally unknown and absolutely cannot be predicted, those sequences are TRNs. And even there are only a few points existed; there will be lots of numbers produced. That solves the problem in literature  of constraining the number of points of mouse movement pattern. To remark it, the y-coordinate should be divided by 900 before it is used to be the initial value.

The mouse movement pattern.

What is more, we add perturbation in each iteration, which will increase the randomness and break the periodic phenomenon. We replace the parameter ri with the value xi-1.5. That will guarantee the parameter r will not depart too much but approximate the value −1. It will preserve properties of the TRNs we produced. And we use the binary quantization to transform our TRNs to a binary sequence in (3.1). Here t is the threshold, and we adopt t=0.5. Although there are lots of methods to be the transformation , we still use binary quantization for its simplicity. In the next section, we will introduce several experiments and statistical tests to test the sequence we generated whether random or not and compare the time cost and the randomness with the spatiotemporal chaos approach:xi={0,xi<t,1,xit,iN.

4. Experiments and Results4.1. Kernel Density Map, Histogram, and Autocorrelation Function

Using the algorithm we proposed above and the pattern we have, we produced 1000000 TRNs. We firstly draw the kernel density map in Figure 3 and histogram in Figure 4 with the real value sequence of our TRNs, which are real numbers. The histogram equation is inD=0n-d-1xixi+d,d0.

Kernel density map.

Histogram of the sequence.

Considering x is an n number binary sequence, x′′ is a shifted sequence referred to x. Let D be the number of bit-to-bit disagreements between xand x′′. Here d is the number of time sequences between x and x′′.

Moreover, we draw the autocorrelation function of our binary sequences TRNs using the equation in (4.2).

The autocorrelation function C isC=n-d-2Dn-d.

The autocorrelation function then is shown in Figure 5, which is a δ-like function.

Autocorrelation function.

4.2. NIST Statistical Test Suite

We also test our binary sequences with the NIST statistical test suite , which depicts deviations of a binary sequence from randomness. Unlike the Version 1.7 (and before) NIST statistical test suite  used in , which contains 16 items, including Lempel-Ziv complexity test (LZCT), we use the 2010 version NIST statistical test suite , the number of the items of which is 15. Thus, in this paper, we just list 15 items for comparison. The value of each test represents the degree of randomness of the tested sequence. If the value is bigger than 0.01, it demonstrates that the sequence passes the test and could be considered as random. And the bigger the value is, the more random the sequences are. For more details, please refer to literature . In this test, all approaches were implemented with nonoptimized Matlab codes, running on an ordinary PC with 1.5 GHz Intel Celeron CPU.

In Table 1, we compare the time used in order to generate 256-bit data, including our algorithm, Spatiotemporal chaos in literature , and the New approach based on tent map (NPTM) in literature . Moreover, we list results of the NIST statistical test suite of our algorithm, the spatiotemporal chaos approach contained in literature , and the New approach based on tent map (NPTM) contained in literature  in Table 2. As there are two tests of spatiotemporal chaos approaches for n=1000 and n=10000, respectively, we list them all in the table.

Average time required to generate a random number using different approaches.

ApproachOur algorithmSpatiotemporal chaosNPTM
Total time (milliseconds)217230282

800-22 test’s results.

TestOur algorithmSpatiotemporal chaos (n=10000)Spatiotemporal chaos (n=1000)NPTMConclusion
Frequency test0.7236740.32950.09380.1223Random
Frequency test within a block0.7777090.83030.91750.2236Random
Runs test0.6032110.98810.89990.0391Random
Test for the longest run of ones in a block0.7840890.37820.20190.0616Random
Binary matrix rank test0.264830.82740.67240.3221Random
Discrete fourier transform test0.8077480.20870.03460.2622Random
Maurer’s “universal statistical” test0.4412630.24570.14660.0640Random
Linear complexity test0.6267670.57250.46540.3267Random
Nonoverlapping template matching test0.9048320.62380.53830.0012Random
Overlapping template matching test0.6256510.22640.01410.4118Random
Approximate entropy test0.702130.50390.41800.9737Random
Serial test0.6170750.34480.10570.6434Random
Cumulative sums test0.7375180.27880.13140.1875Random
Random excursions test0.722640.35380.40720.6352Random
Random excursions variant test0.8638320.74590.67310.9216Random
4.3. Results and Comparison

By comparing the items in Table 2, we find out that there are more items, although not all of them, of our algorithm that are better than that of the other three methods. For example, comparing to Spatiotemporal chaos (n=10000) and Spatiotemporal chaos (n=1000), there are 12 items in 15 in the table of our method that are better than that of the two methods. And also, comparing to NPTM, there are also 11 items of ours that are better than that of it.

5. Conclusion

In this paper, we first summarize some drawbacks of two proposed mouse movement TRNGs and propose a novel TRNG which conquers the flaws of the former two. The new algorithm is based on mouse movement and a one-dimensional chaotic map. The approach utilizes the x-coordinate of the mouse movement to be the length of the iteration, and the y-coordinate to be the initial value of this iteration segment. And we perturb the parameter with the real value of the produced TRNG itself when it iterates.

And then, we do some experiments and we compare the time cost of the three approaches and get the result that ours is a little bit faster than the other two. Last but not least, we test the three sequences with the NIST statistical test suite. Results show that our algorithm is better than the other two and is suitable to produce TRNs on universal PC.

Acknowledgments

This research is supported by the National Natural Science Foundation of China (nos. 61173183, 60973152, and 60573172), the Superior University Doctor Subject Special Scientific Research Foundation of China (no. 20070141014), and the Natural Science Foundation of Liaoning province (no. 20082165).

KnuthD. E.The Art of Computer Programming. Vol. 2: Seminumerical Algorithms19812ndReading, Mass, USAAddison-Wesleyxiii+688633878JakimoskiG.KocarevL.Chaos and cryptography: block encryption ciphers based on chaotic mapsIEEE Transactions on Circuits and Systems. I2001482163169182054110.1109/81.904880ZBL0998.94016RivestR. L.ShamirA.AdlemanL.A method for obtaining digital signatures and public-key cryptosystemsCommunications of the Association for Computing Machinery197821212012670010310.1145/359340.359342ZBL0368.94005WangB.WuQ.HuY.A knapsack-based probabilistic encryption schemeInformation Sciences2007177193981399410.1016/j.ins.2007.03.0102346775ZBL1142.94361CaoF.CaoZ.A secure identity-based proxy multi-signature schemeInformation Sciences2009179329230210.1016/j.ins.2008.05.0392473017ZBL1156.94337XiaoD.LiaoX.DengS.A novel key agreement protocol based on chaotic mapsInformation Sciences200717741136114210.1016/j.ins.2006.07.0262288747XiaoD.LiaoX.DengS.Using time-stamp to improve the security of a chaotic maps-based key agreement protocolInformation Sciences200817861598160210.1016/j.ins.2007.11.0012406988ZBL1131.94017TokunagaC.BlaauwD.MudgeT.True random number generator with a metastability-based quality controlIEEE Journal of Solid-State Circuits20084317885BucciM.GermaniL.LuzziR.TrifilettiA.VaranonuovoM.A high-speed oscillator-based truly random number source for cryptographic applications on a smart card ICIEEE Transactions on Computers20035244034092-s2.0-003762494410.1109/TC.2003.1190581DavisD.IhakaR.FenstermacherP.Cryptographic randomness from air turbulence in disk drivesAdvances in Cryptology1994839114120HolmanW. T.Alvin ConnellyJ.DowlatabadiA. B.An integrated analog/digital random noise sourceIEEE Transactions on Circuits and Systems I19974465215282-s2.0-0031170143HuY.LiaoX.WongK. W.ZhouQ.A true random number generator based on mouse movement and chaotic cryptographyChaos, Solitons and Fractals2009405228622932-s2.0-6554908312910.1016/j.chaos.2007.10.022ZhouQ.LiaoX.WongK.-W.HuY.XiaoD.True random number generator based on mouse movement and chaotic hash functionInformation Sciences2009179193442345010.1016/j.ins.2009.06.0052574351AguirregabiriaJ. M.Robust chaos with variable Lyapunov exponent in smooth one-dimensional mapsChaos, Solitons and Fractals2009424253125392-s2.0-6765099579110.1016/j.chaos.2009.03.196HongZ.XietingL.Generating chaotic secure sequences with desired statistical properties and high securityInternational Journal of Bifurcation and Chaos in Applied Sciences and Engineering1997712052132-s2.0-0030635241LiP.LiZ.FettingerS.MaoY.HalangW. A.Application of chaos-based pseudo-random-bit generators in internet-based online paymentsStudies in Computational Intelligence2007376676852-s2.0-3394711684110.1007/978-3-540-37017-8_31LingC.SunS. G.4-phase spreading sequences by chaotic maps for CDMAJournal of China Institute of Communications19981934044KohdaT.TsunedaA.Statistics of chaotic binary sequencesIEEE Transactions on Information Theory1997431104112142623910.1109/18.567654ZBL0871.94021NISTA statistical test suite for random and pseudo-random number generators for cryptographic applications2010, http://csrc.nist.gov/publications/nistpubs/800-22-rev1a/SP800-22rev1a.pdfNIST Special Publication 800-222001, http://csrc.nist.gov/rng/rng2.html