CryptoQNRG: a new framework for evaluation of cryptographic strength in quantum and pseudorandom number generation for key-scheduling algorithms

Abstract

In a cryptosystem, a cipher's security is directly dependent on a key-schedule or key-scheduling algorithm (KSA) or that is used for both encryption and decryption. The random-number-based KSA adds another layer of security and prevents hackers from performing cryptanalysis. Several previous studies have investigated the strength of a cipher's encryption process. The strength evaluation of the key-scheduling process has received less attention that can lead to weaknesses in the overall encryption process. This paper proposes a new framework consisting of cryptographic strength evaluation criteria for random number generators (RNG)-based KSAs. Our framework (CryptoQNRG) evaluates different key-schedules based on pseudorandom and quantum random number generators with a set of tests. There are test suites that compare the strength of KSAs for different block ciphers. To the best of our knowledge this is the first time that a framework is built to compare the strength of KSAs incorporating RNGs and various block ciphers. CryptoQNRG comprises of four tests: Frequency, Bit_Correlation, Bit_Interfold, and Bit_Entropy. The tests are used to explore cryptographic properties such as unpredictability, balance of bits, correlation, confusion, and diffusion in the subkeys generated by the RNG-based KSA. We have evaluated the most common KSAs with different block ciphers and a significant outcome of the proposed framework is the distinction between strong and weak RNG-based KSAs.