On Random Number Generation for Kernel Applications

An operating system kernel uses cryptographically secure pseudorandom number generator for creating address space localization randomization offsets to protect memory addresses to processes from exploration, storing users' password securely and creating cryptographic keys. The paper proposes a CSPRNG called KCS-PRNG which produces non-reproducible bitstreams. The proposed KCS-PRNG presents an efficient design uniquely configured with two new non-standard and verified elliptic curves and clock-controlled linear feedback shift registers and a novel method to consistently generate non-reproducible random bits of arbitrary lengths. The generated bit streams are statistically indistinguishable from true random bitstreams and provably secure, resilient to important attacks, exhibits backward and forward secrecy, exhibits exponential linear complexity, large period and huge key space.