See all ›

4 References# BREEZE - A CHAOS BASED PSEUDO RANDOM NUMBER GENERATOR BY HOPPING BETWEEN LOGISTIC MAP PSEUDO ORBITS

Abstract

Logistic maps (LM) expose a well studied phenomenom. The recursive call of the LM with
(1) f(xn) = τxn−1(1 − xn−1) with {τ ∈ R | (3.83,4.0]};{x ∈ R | (0,1)}
will get into chaotic state at 0<x<1 and 3.56995 <τ <3.82843 or 3.82843 <τ <=4.0 and in a theoretically infinite space of real numbers the LM will conserve the chaotic state ad infinitum (elsewhere called an ’orbit of the LM’). Each orbit is unique and subsequently deterministic to the seed x0. This makes LM an interesting candidate for deterministic Chaos Based Random Number Generation (CBPRNG).
Unfortunately in computational reality due to the double float IEEE754 representation and the resulting precision loss from rounding the single LM orbit might degrade rapidly and the period length of such a computed LM is limited in length and might even be very short (Li (2003, 2004), Arroyo (2009), Persohn and Povinelli (2012)).
The proposed ’breeze’ CBPRNG uses a number of interacting LMs with {τ ∈ R | (3.83, 4.0]} to prevent orbit degradation. Random number output gained from the intermediate result mantissa in IEEE74 double float representation of the LM orbits repeatedly passed NIST Test Suite for randomness while the speed of the Go/Golang breeze implementation outclasses Go’s standard library random implementations and implementations of the Multiply-with-Carry method and Salsa20 in Go.
See https://github.com/AndreasBriese/breeze for the detailed results and source code.

BREEZE - A CHAOS BASED PSEUDO RANDOM NUMBER

GENERATOR BY HOPPING BETWEEN LOGISTIC MAP PSEUDO

ORBITS

ANDREAS BRIESE

1. Summary

2. Introduction

3. Coding chaos

3.1. Chaos in logistic maps. Logistic maps are well studied. They exhibit chaotic

behavior if τis set to values greater than 3.57 and smaller or equal to 4.0. At τnear

3.82 chaotic (up-and-down) output is suspended, but with τgreater 3.83 output is

unpredictable and within the range of 0 to 1. Breeze uses {τ∈R|(3.83,4.0]}therefore.

f(xn) = τxn−1(1 −xn−1)with {τ∈R|(3.83,4.0]};{x∈R|(0,1)}(1)

When exploring a single logistic map, they exhibit orbits of xn∈Rdetermined by

the starting x1. In theory these orbits should be non-overlapping and expose an endless

period but if translated to ﬁnite space of computational double ﬂoat representation the

pseudo orbits caused by rounding are overlapping and periods are limited in length and

might be very short (Li (2003, 2004), Arroyo (2009), Persohn and Povinelli (2012)). The

starting points of such degradation leading to a short periods had been called pathological

seeds by Persohn and Povinelli (2012).

To prevent the before mentioned degradation of pseudo orbits the new family of

CBPRNG uses singular calculations of multiple logistic maps for random number output

instead of exploring the pseudo orbits. These multiple maps are combined in such a way,

that the outcome of one equation is used for the next calculation of another logistic

map with τn6=τn+1 after ’mirroring it at 1’ by calculation x0= 1 −x. This results in

’hopping’ between pseudo orbits of the logistic maps with any computation cycle. In

ﬁnite space of double ﬂoat computation this is turning both calculations into potential

’one-way-functions’ because of the rounding errors in IEEE double ﬂoat:

xn−1∼

=xn

τ(1 −xn)with xn=τ xn−1(1 −xn−1)(2)

x∼

=1−(1 −x)for small x (x≪0and x < 223 in particular)(3)

Date: December 18, 2014.

1

2 ANDREAS BRIESE

The multiple logistic maps in breeze are:

breeze128(6 maps :f1..6with τ1..6)

fi(xi,n) = τi(1 −xi+1,n−1)(1 −(1 −xi+1,n−1)); i∈[1..6]

breeze256(12 maps :f1..12 with τ1..12)

fi(xi,n) = τi(1 −xi+1,n−1)(1 −(1 −xi+1,n−1)); i∈[1..12]

breeze512(24 maps :f1..24 with τ1..24)

fi(xi,n) = τi(1 −xi+1,n−1)(1 −(1 −xi+1,n−1)); i∈[1..24]

represented by the following Go code:

fun c ( l ∗Br ee z e 12 8 ) r ou n dT r ip ( ) {

n ew s ta t e 1 := ( 1 . 0 −l . s t a t e 1 )

newstate1 ∗= 4 . 0 ∗l . s t a t e 1

n ew s ta t e 2 := ( 1 . 0 −l . s t a t e 2 )

newstate2 ∗= 3.999999999 ∗l . s t a t e 2

n ew s ta t e 3 := ( 1 . 0 −l . s t a t e 3 )

newstate3 ∗= 3.99999998 ∗l . s t a t e 3

n ew s ta t e 4 := ( 1 . 0 −l . s t a t e 4 )

newstate4 ∗= 3.99999997 ∗l . s t a t e 4

n ew s ta t e 5 := ( 1 . 0 −l . s t a t e 5 )

newstate5 ∗= 3 . 9 9 9 9 9 9 ∗l . s t a t e 5

n ew s ta t e 6 := ( 1 . 0 −l . s t a t e 6 )

newstate6 ∗= 3 . 9 9 9 9 9 7 ∗l . s t a t e 6

s w i t c h n e w s t a t e 1 ∗newstate2 ∗newstate3 ∗newstate4 ∗newstate5 ∗newstate6 {

c a s e 0 :

s 1 := ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 1 ))< <11>> (12 + l . b i t s h i f t % 7))

s 1 += ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 2 )) <<11>>(12 + l . b i t s h i f t % 7))

s 1 += ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 5 )) <<11>>(12 + l . b i t s h i f t % 7))

s 2 := ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 ))< <11>> (12 + l . b i t s h i f t % 7))

s 2 += ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 4 )) <<11>>(12 + l . b i t s h i f t % 7))

s 2 += ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 6 )) <<11>>(12 + l . b i t s h i f t % 7))

s e e d := [ 2 ] u i n t 6 4 {s 1 , s 2 }

l . b i t s h i f t ++

l . s e e d r ( s e ed )

default :

l . s t a t e 1 = 1. 0 −newstate2

l . s t a t e 2 = 1. 0 −newstate3

l . s t a t e 3 = 1. 0 −newstate4

l . s t a t e 4 = 1. 0 −newstate5

l . s t a t e 5 = 1. 0 −newstate6

l . s t a t e 6 = 1. 0 −newstate1

}

...

}

No te : ma th . F l o a t 6 4 b i t s ( ) r e t u r n s L i t t l e E nd ia n b i t r e p r e s e n t a t i o n o f t h e f l o a t d ou b le .

’ ˆ ’ me ans x or , ’> >’ ’< <’ b i t w is e s h i f t i n g a nd ’ %’ me ans mod .

The switch statement leeds to a reseed of the generator from the previous states mantissa in case one of the (new)states

rounded to Zero in the equation. The ’default:’ case leeds to interchange of the (new)state values ’mirrored at 1’.

By splitting the newstate calculation (see code) ’Fused Multiply Add’ (FMA) operation with diﬀerent internal ﬂoating

point representation in some chipsets should be prevented. The splitting should ensure that the intermediate results are

always stored in 64 bit ﬂoating point words.

The theoretical entropy of logistic map orbits (isomorphic symmetric of 1

2) in ﬁnite

space of double ﬂoat computation should be L52

2=L51 but the degradation of the map

BREEZE - A CHAOS BASED PSEUDO RANDOM NUMBER GENERATOR BY HOPPING BETWEEN LOGISTIC MAP PSEUDO ORBITS3

will reduce this in computational linear exhaustion of the maps pseudo orbits. Breeze

approach of multiple logistic maps does not suﬀer of such degradation because any new

cycle of computation may or may not be within the previous pseudo orbit (hopping eﬀect)

and the output randomness may therefore beneﬁts from the full entropic potential of the

ﬁnite space representation: H=log2(251) = 51 Sh.

3.2. Processing output from the logistic maps. In contrast to other chaos based

PRNG breeze uses the mantissa bits of the computation result from the logistic map

equation as source of random bits. As discussed before the entropy of the 52 mantissa

bits in double ﬂoat IEEE754 representation should be L51 or51 Sh. For latter crypto

graphical use of the algorithm, encapsulation of the computation outcomes is useful to

prevent leakage of any inner state of the generator. Therefore fractions of at least two

outcome mantissa are added to form one 64 bit stream that is stored in a 64 unsigned

integer. The underlying states are further obfuscated by bitwise xoring this variable by

a previous 64 bit output and the 64 bitstream deriving from two diﬀerent logistic map

equations.

This is the ’GO’ code to process the output from ﬂoat double Little Endian bit rep-

resentation:

fun c ( l ∗B re e z e1 2 8 ) r ou n dT r ip ( ) {

...

l . b i t s h i f t = ( l . b i t s h i f t + 1 ) % 20

tmp : = l . s t a t e [ 0 ]

l . s t a t e [ 0 ] = l . s t a t e [ 1 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 1 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 2 ))< <12>>( 13 + l . b i t s h i f t ) ) )

l . s t a t e [ 1 ] = l . s t a t e [ 2 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 2 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 ))< <12>>( 13 + l . b i t s h i f t ) ) )

l . s t a t e [ 2 ] = l . s t a t e [ 3 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 3 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 4 ))< <12>>( 13 + l . b i t s h i f t ) ) )

l . s t a t e [ 3 ] = l . s t a t e [ 4 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 4 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 1 ))< <12>>( 13 + l . b i t s h i f t ) ) )

ho p : = ( ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 5 )) < <30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 6 )) <<12> >(13 + l . b i t s h i f t ) ) )

l . b i t s h i f t ++

l . s t a t e [ 4 ] = ( l . s t a t e [ 5 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 1 ) )< < 12)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 2 ))< <12>>( 13 + l . b i t s h i f t ) ) ) ) ˆ l . s t at e [ 2 ]

l . s t a t e [ 5 ] = ( l . s t a t e [ 6 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 1 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 ))< <12>>( 13 + l . b i t s h i f t ) ) ) ) ˆ hop

l . s t a t e [ 6 ] = ( l . s t a t e [ 7 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 1 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 4 ))< <12>>( 13 + l . b i t s h i f t ) ) ) ) ˆ l . s t at e [ 1 ]

l . s t a t e [ 7 ] = ( l . s t a t e [ 8 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 2 ) )< < 30)

4 ANDREAS BRIESE

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 1 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ ho p

l . s t a t e [ 8 ] = ( l . s t a t e [ 9 ] ˆ ( ( ( mat h . F l o a t 6 4 b i t s ( l . s t a t e 2 ) )< < 12)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ l . s t at e [ 3 ]

l . s t a t e [ 9 ] = ( l . s t a t e [ 1 0 ] ˆ ( ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 2 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 4 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ ho p

l . b i t s h i f t ++

l . s t a t e [ 1 0 ] = ( l . s t a t e [ 1 1 ] ˆ ( ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 2 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ l . s t at e [ 3 ]

l . s t a t e [ 1 1 ] = ( l . s t a t e [ 1 2 ] ˆ ( ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 ) )< < 12)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 4 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ l . s t at e [ 1 ]

l . s t a t e [ 1 2 ] = ( l . s t a t e [ 1 3 ] ˆ ( ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 1 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ ho p

l . s t a t e [ 1 3 ] = ( l . s t a t e [ 1 4 ] ˆ ( ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 4 ) )< < 12)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 1 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ l . s t at e [ 2 ]

l . s t a t e [ 1 4 ] = ( l . s t a t e [ 1 5 ] ˆ ( ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 4 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 2 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ ho p

l . s t a t e [ 1 5 ] = ( tmp ˆ ( ( ( math . F l o a t 6 4 b i t s ( l . s t a t e 4 ) )< < 30)

+ ( ( m ath . F l o a t 6 4 b i t s ( l . s t a t e 3 )) <<12> >(13 + l . b i t s h i f t ) ) ) ) ˆ l . s t at e [ 0 ]

}

No te : ma th . F l o a t 6 4 b i t s ( ) r e t u r n s L i t t l e E nd ia n b i t r e p r e s e n t a t i o n o f t h e f l o a t d ou b le .

’ ˆ ’ me ans x or , ’> >’ ’< <’ b i t w is e s h i f t i n g a nd ’ %’ me ans mod .

3.3. Initialization. The main diﬀerence between the breeze variants is their key space.

The multiple logistic maps are seeded each by x0=1

swith {s∈N|(1,221 ∨22)}.

Initialization seed derives from a 64 bit word cut into three srepresenting 21, 22, 21

bits.

That leads to a 128bit keyspace (two 64 bit words for six seedings) in breeze128, 256

bit (four 64 bit words for twelve seedings) in breeze256 and 512 bit (eight 64 bit words

for 24 seedings) in breeze512.

4. Testing for random output

4.1. NIST Test Suite. The three variants of breeze had been tested by NIST Test

Suite (NIST (2014)). 20 Sets of 100 output sequences of 8 ∗106bit length deriving from

each variant passed the test suite without warnings.

4.2. Visual patterns. Output from the PRNG was converted into RGBA-channels

of 24bit png images (8000x4000 pixels scaled to 25%) underlaid with white and black

backgrounds for visual pattern recognition and thoroughly inspected switching between

consecutive images in 1sec intervals. Human visual sense is very fast in pattern recogni-

tion. Such patterns would indicate weakness in the random output by repeated sequence

(short periods) or degradation of underlying entropy.

4.3. Test for output doublets. Degradation of the PRNG would lead to shortened pe-

riods, that are found repeatedly in the output. the breeze variants breeze128, breeze256

and breeze512 hold output arrays of 64 bit unsigned integers of length 16, 32 and 64,

that are produced by one computation cycle.

A 236 bit Bloom ﬁlter with 7 hash locations was used to check continuously for rep-

etitions of consecutive pairs of PRNG variant output (256, 512, 1024 Byte) in 100 sets

of 200 GB, 400 GB, 800 GB output length from breeze128, breeze256 and breeze512.

A single doublet was found in each of breeze128 and breeze512 total output sequences.

They occurred after 174 GB output testing in the 98th sequence and after 728 GB of

the 61rst sequence respectively.

BREEZE - A CHAOS BASED PSEUDO RANDOM NUMBER GENERATOR BY HOPPING BETWEEN LOGISTIC MAP PSEUDO ORBITS5

4.4. Results and discussion. The NIST Test Suite was passed by the test sets without

warnings and no indication of visible patterns in the generated images were observed.

Bloom ﬁlters are probabilistic approaches to test for inclusion into the ﬁlter (see

http://en.wikipedia.org/ wiki/ Bloom ﬁlter ). The ﬁlter is 100 % accurate for non-

inclusion response and if the bits corresponding to the hash values of a element to be

checked isn’t set, the ﬁlter does not include that value. But Bloom ﬁlters pose a false

positive error (meaning that all corresponding bits are set even if the value is not included

in the ﬁlter) that can be calculated by (4).

p= (1 −(1

m)kn)k

(4)

with m = No. of ﬁlter bits; k = No. of hashes (locations); n = No. of elements included.

Within the ﬁndings range (174GB: 679687500 6element number, 728GB: 710937500

6element number) the false positive probability for the ﬁndings was calculated to be

5.99e-09 and 8.12e-09 respectively - furthermore the error probability might be under-

estimated because only one hash function (sipHash) is used to compute seven locations

in the Bloom ﬁlter and sipHash is not claimed to be collision resistant.

It is assumed that these two ﬁndings by the Bloom ﬁlter test were false positives and

the fact that these ﬁndings were solitary and do not indicate a repetition in sequence (a

short period longer than three elements) is supporting this statement.

To summarize, the performed test did not indicate weaknesses in any of the variants

of the proposed chaos based pseudo random generator. Nonetheless prior to use in

security sensible areas (i.e. used as stream cipher or other cryptographic purpose) further

cryptanalysis by a third party, that underline it’s security, might be considered.

5. Literature

Shujun Li (2003): Analyses and New Designs of Digital Chaotic Ciphers. Ph.D. thesis, School

of Electronic and Information Engi- neering, Xian Jiaotong University, Xian, China. Available

online at http://www.hooklee.com/pub.html.

Shujun Li (2004): When chaos meets computers. URL http://arxiv.org/ abs/nlin.CD/0405038,

last revised in December 2005.

David Arroyo (2009): Framework for the analysis and design of encryption strategies based on

discrete-time chaotic dynamical systems, Thesis, Universidad Politecnica de Madrid, Dpto. de

Fisica y Mecanica Fundamentales y Aplicadas a la Ingenieria Agroforestal Area de conocimiento

de Fisica Aplicada y Matematica Aplicada

K. J. Persohn, R. J. Povinelli (2012): Analyzing Logistic Map Pseudorandom Number Gen-

erators for Periodicity Induced by Finite Precision Floating-Point Representation

http://povinelli.eece.mu.edu/ publications/ papers/ chaos2012.pdf

NIST Test Suite (2014): version sts-2.1.2 including changes of July 9, 2014; http://csrc.nist.gov/

groups/ ST/ toolkit/ rng/ index.html

Burton H. Bloom (1970), ”Space/Time Trade-oﬀs in Hash Coding with Allowable Errors”,

Communications of the ACM 13 (7): 422426, doi:10.1145/362686.362692

Technical Report

Logistic maps (LM) expose a well studied phenomenom. The recursive call of the LM with
f (x n) = τ x n−1 (1 − x n−1) with {τ ∈ R | (3.83, 4.0]}; {x ∈ R | (0, 1)} (1)
will get into chaotic state at 0 < x < 1 and 3.56995 < τ < 3.82843 or 3.82843 < τ <= 4.0
In a theoretically infinite space of real numbers the LM will conserve the chaotic state ad infinitum (elsewhere called an 'orbit of the... [Show full abstract]

Article

Wenn zwischen mehreren Handlungsmöglichkeiten zu entscheiden ist, trifft oft eine Binsenweisheit den Nagel auf den Kopf: "Wer die Wahl hat, hat die Qual!" Ethische Dilemmata infolge von Konflikten zwi-schen ethischen Prinzipien können eine Entscheidung ebenso erschweren wie die Schwierigkeit, zwischen vielen Übeln das kleinste auszumachen. Eine strukturierte Analyse der Problemstellung... [Show full abstract]

Article

Mobile slaughter is commonly discussed as alternative method to slaughter avoiding transportation stress in slaughter animals. In 1994 mobile slaughter became part of the coalition-contract between the two major parties, SPD and GRUNE, in the Department HESSEN. In the article the actual principles, problems to cope with EU-legislation and hygiene-standards, chances and risks of mobile... [Show full abstract]

Article

As of 1 September, 2001 existing legislation regulating outdoor dog husbandry is replaced by the domestic dog welfare directive of 2 May, 2001. The new directive applies to details of housing and breeding of dogs kept indoors and as domestic companions. Thus, minimum requirements for housing, care and feeding now apply to the great majority of private dog owners. However these requirements do... [Show full abstract]