Insertion attack effects on standard PRNGs ANSI X9.17 and ANSI X9.31 based on statistical distance tests and entropy difference tests

Insertion attack is one form of active attack against a random number generator, that aimed to undermine even frustrate the performance of a system by destroying randomness of the output sequences of the RNG/PRNG. This paper proposed the insertion attack effects on standard PRNGs ANSI X9.17 and ANSI X9.31 by applying the statistical distance test and entropy difference test. The experiments mounted under simulation by inserting 1-bit trough 3-bits in random manner into a random sequence produced by the PRNGs in five block levels of insertion, i.e. 32-bits, 64 bits, 128 bits, 256 bits, and 512 bits. The two tests are conducted under advantage value ε = 0.0001 From the statistical distance tests, it was found that the insertion attack with random bits does not affect the randomness property of both PRNGs under advantage ε = 0.0001, but it does affect under advantage ε = 0.00001, with the most effect occurred in 1-bit insertion attack with a percentage of 76%. On entropy difference tests we found interesting results where the insertion attack with random bits only affect PRNG ANSI X9.17 with the most percentage 36%, but has no effect at all on PRNG ANSI X9.31 under ε = 0.0001. Decreasing the advantage value into ε = 0.00001, we found that a PRNG ANSI X9.17 have the most significant effect with a percentage of 72%, and ANSI X9.31 with effects less than 45%. As a comparison, the result of maximum statistical distance test with extreme bits with advantage ε = 0.0001 we found this attack gives effect of 96% and more, and under ε = 0.00001 this attack successfully applied with a percentage of 100% on each level. Therefore, the insertion attack on PRNGs could be dangerous that should be anticipated.