Forward secure pseudorandom number generation resilient to forward clock attacks

摘要

Methods and apparatus are provided for generation of forward secure pseudorandom numbers that are resilient to such forward clock attacks. A forward secure pseudorandom number is generated by obtaining a first state s_i corresponding to a current leaf node ν_i in a hierarchical tree, wherein the current leaf ν_i produces a first pseudorandom number r_i−1; updating the first state s_i to a second state s_i+t corresponding to a second leaf node ν_i+t; and computing a second pseudorandom number r_i+t−1 corresponding to the second leaf node ν_i+t, wherein the second pseudorandom number r_i+t−1 is based on a forward clock reset index that identifies an instance of the hierarchical tree, wherein the instance of the hierarchical tree is incremented when one or more criteria indicating a forward clock attack are detected. The forward clock reset index can be encoded in a forward secure manner in the hierarchical tree.