In order to test reference statistics of the test we computed polynomial tests on input vectors generated by
AES-CTR(SHA256(random_32bit())) - considered as random data source. The randverif.py was used.
The first hypothesis to verify is the following: under null hypothesis (uniform input data), zscore test is input data size invariant. In other words, the zscore result of the test is not influenced by amount of data processed.
To verify the first hypothesis we analyzed 1000 different test vectors of sizes 1 and 10 MB for various settings
(block \in {128, 256} x deg \in {1, 2, 3} x comb_deg \in {1, 2, 3}) and compared results. The test was performed with
assets/test-aes-size.sh.
Second test is to determine reference zscore value for random data. For this we performed 100 different tests on 10 MB
AES input vectors in all test combinations: block \in {128, 256, 384, 512} x deg \in {1, 2, 3} x comb_deg \in {1, 2, 3}.
The goal of this experiment is to assess standard test batteries (e.g., NIST, Dieharder, TestU01) how well they perform on the battery of round reduced functions (e.g., ESTREAM, SHA3 candidates, ...)
For the testing we use Randomness Testing Toolkit (RTT) from the EACirc project. The testbatteries.py prepares data
for functions to test and the main bash script that submits tests to RTT.
python booltest/testbatteries.py --email [email protected] --threads 3 \
--generator-path ~/eacirc/generator/generator \
--result-dir ~/_nni/home/ph4r05/testdata/ \
--data-dir ~/_nni/home/ph4r05/testdata/ \
--script-data /home/ph4r05/testdata \
--matrix-size 1 10 100 1000
Test found distinguishers on RandC for 1000 different random seeds:
python booltest/randverif.py --test-randc \
--block 384 --deg 2 \
--tv $((1024*1024*10)) --rounds 0 --tests 1000 \
--poly-file polynomials-randc-linux.txt \
> ~/output.txt
In order to generate CSV from the output:
python csvgen.py output.txt > data.csv
openjdk version "1.8.0_121"
OpenJDK Runtime Environment (build 1.8.0_121-8u121-b13-0ubuntu1.16.04.2-b13)
OpenJDK 64-Bit Server VM (build 25.121-b13, mixed mode)
Ubuntu 16.04.1 LTS (Xenial Xerus)
Table summarizes function & time needed to generate 10 MB of data.
| Function | Round | Time (sec) |
|---|---|---|
| AES | 4 | 2.12984800339 |
| ARIRANG | 4 | 9.43074584007 |
| AURORA | 5 | 0.810596942902 |
| BLAKE | 3 | 0.839290142059 |
| Cheetah | 7 | 0.924134969711 |
| CubeHash | 3 | 36.8423719406 |
| DCH | 3 | 3.34326887131 |
| DECIM | 7 | 51.946573019 |
| DynamicSHA | 9 | 1.33032679558 |
| DynamicSHA2 | 14 | 1.14816212654 |
| ECHO | 4 | 2.15773296356 |
| Fubuki | 4 | 1.81450080872 |
| Grain | 4 | 67.9190270901 |
| Grostl | 5 | 2.10276603699 |
| Hamsi | 3 | 7.09616398811 |
| Hermes | 3 | 1.46782112122 |
| JH | 8 | 3.51690793037 |
| Keccak | 4 | 1.31340193748 |
| Lesamnta | 5 | 2.08995699883 |
| LEX | 5 | 0.789785861969 |
| Luffa | 8 | 2.70372700691 |
| MD6 | 11 | 2.13406395912 |
| Salsa20 | 4 | 0.845487833023 |
| SIMD | 3 | 7.54037189484 |
| Tangle | 25 | 1.43553209305 |
| TEA | 8 | 0.981395959854 |
| TSC-4 | 14 | 8.33323192596 |
| Twister | 9 | 1.38356399536 |