A Secure Password Generator Based on Pseudo Random Number Generator (PRNG)

1. Introduction
2. Literature Review
3. Proposed Secure Password Generator Based on Secure PRNG
4. Experimental Environment and Results
5. Conclusion and Future Work
6. Original Analysis & Expert Insight
7. Technical Details & Mathematical Formulations
8. Analysis Framework & Conceptual Example
9. Future Applications & Development Directions
10. References

1. Introduction

Recent years have seen continuous reports of website account and text-based password leaks, highlighting the critical importance of information and password security. Beyond website vulnerabilities, the security of the password itself is paramount. Common insecure password practices include keyword-based passwords, popular phrase-based passwords, user-information-based passwords, and password reuse. The rapid development of AI and Large Language Models (LLMs) further empowers attackers to guess passwords more effectively.

While platforms employ defenses like One-Time Passwords (OTP), multi-factor authentication (MFA), and encrypted password storage, enhancing the inherent security of passwords remains crucial. This research proposes a secure password generator based on a secure Pseudo Random Number Generator (PRNG). The PRNG is constructed using Hash-based Message Authentication Code (HMAC), Cipher-based Message Authentication Code (CMAC), or KECCAK Message Authentication Code (KMAC) to generate cryptographically secure random numbers, which are then used to produce passwords.

The main contributions are:

Proposing a secure password generator framework using HMAC-, CMAC-, or KMAC-based secure PRNGs.
Analyzing security under different character sets and password lengths, comparing it to AES-128/256.
Empirically validating the randomness of generated numbers using NIST SP 800-90B entropy and Independent and Identically Distributed (IID) tests.

2. Literature Review

2.1. Pseudo Random Number Generator Based on Linear Congruential Generator

Many programming languages (e.g., C, Java) implement PRNGs based on Linear Congruential Generators (LCG). Given a seed $k$, the sequence is generated as:

$f_0(k) \equiv a \oplus k \ (\text{mod} \ m)$

$f_i(k) \equiv a \times f_{i-1}(k) + c \ (\text{mod} \ m)$ for $i \ge 1$

However, LCGs are insecure because the next state is linearly derived from the previous one ($f_{i-1}(k) \equiv (f_i(k) - c) \times a^{-1} \ (\text{mod} \ m)$), allowing an attacker to backtrack to the seed.

2.2. Secure Pseudo Random Number Generator

2.2.1. Based on Hash-based Message Authentication Code (HMAC)

HMAC's security relies on the one-way property of cryptographic hash functions (e.g., SHA-2, SHA-3). For a key $k$ and message $M$, the HMAC is computed as:

$r_{hmac}(k, M) = h((k \oplus opad) \ || \ h((k \oplus ipad) \ || \ M))$

where $ipad$ and $opad$ are fixed padding constants, and $h$ is the hash function. To generate a random bitstream of length $L$, a counter mode is used, modifying the message for each output block: $M_i = i \ || \ \text{KDF} \ || \ 0x00 \ || \ M \ || \ L$, producing $r_{hmac,i}(k, M_i)$.

2.2.2. Based on Cipher-based Message Authentication Code (CMAC)

CMAC's security is based on the Advanced Encryption Standard (AES). For a key $k$ and message $M$ split into blocks $M'_i$ of length $l_a$, it operates in Cipher Block Chaining (CBC) mode:

$c_{i+1} = AES(k, c_i \oplus M'_{i+1})$, with $c_0 = Pad0(0)$.

The final output $r_{cmac}(k, Split(M))$ is derived from the last ciphertext block after specific padding (Pad1).

2.2.3. Based on KECCAK Message Authentication Code (KMAC)

KMAC is based on the SHA-3 (KECCAK) sponge construction, offering flexibility and security. It can be used similarly to HMAC in a counter mode to generate a deterministic, unpredictable bitstream suitable for PRNG purposes, as outlined in NIST SP 800-108 Rev. 1.

2.3. Methods for Validating Randomness

The paper adopts the NIST SP 800-90B framework for validating randomness, focusing on two key aspects:

Entropy Estimation: Measures the average unpredictability (in bits) per sample in the generated sequence. High entropy is crucial for password strength.
IID (Independent and Identically Distributed) Testing: Determines if the samples are statistically independent and follow an identical distribution. Failure indicates patterns or biases.

3. Proposed Secure Password Generator Based on Secure PRNG

The proposed system architecture involves:

Input: An optional user-provided "To-Be-Hashed Message" (TBHM) and parameters (desired password length, character set).
Secure PRNG Core: A PRNG built using one of the three MAC functions (HMAC, CMAC, or KMAC) in counter mode, as per NIST SP 800-108. This core takes the TBHM (and an internal key/seed) to generate a cryptographically secure pseudo-random bit sequence.
Password Generation: The random bits are mapped onto the user-specified character set (e.g., alphanumeric + symbols) to create a password of the desired length.

The security analysis compares the effective key space of generated passwords (based on character set size $C$ and length $L$, giving $C^L$ possibilities) against the brute-force resistance of AES-128 ($2^{128}$) and AES-256 ($2^{256}$). For example, a 16-character password from a 94-character set offers ~$94^{16} \approx 2^{105}$ possibilities, which is weaker than AES-128 but still robust for many purposes.

4. Experimental Environment and Results

4.1. Experimental Setup

Experiments were conducted to generate large sequences of random numbers using the proposed HMAC-, CMAC-, and KMAC-based PRNGs. These sequences were then subjected to the NIST SP 800-90B test suite.

4.2. Randomness Validation Results

Key Finding: The experimental results demonstrated that the random numbers generated by all three proposed PRNG methods (HMAC/SHA-256, CMAC/AES-256, KMAC) successfully passed both the entropy validation and the IID validation tests specified in NIST SP 800-90B.

Implication: This confirms that the output sequences possess high entropy and show no detectable statistical dependencies or biases, fulfilling the core requirement for a secure source of randomness in password generation.

4.3. Computational Efficiency Analysis

While not the primary focus, the paper implies a trade-off. HMAC/SHA-256 and KMAC are generally very efficient in software. CMAC/AES may have hardware acceleration advantages on specific platforms. The choice can be tailored based on the deployment environment's performance constraints.

5. Conclusion and Future Work

This research successfully designed and validated a secure password generator framework based on cryptographically strong PRNGs (HMAC, CMAC, KMAC). The generated passwords derive their security from the proven properties of these MAC functions and the validated high randomness of the underlying bitstream.

Future directions include:

Integrating the generator into browser extensions or password manager backends.
Exploring post-quantum cryptographic hash functions (e.g., based on lattice problems) as the foundation for the PRNG to ensure long-term security.
Developing a formal security proof under standard cryptographic assumptions.
Creating a user-friendly interface that educates users on the importance of password entropy.

6. Original Analysis & Expert Insight

Core Insight: Chen's work is a pragmatic, standards-compliant engineering solution to a foundational security problem: weak password entropy. It correctly identifies that the root cause of many password breaches isn't just storage flaws but predictable generation. By anchoring the solution in NIST-approved constructs (HMAC, CMAC, KMAC) and validation frameworks (SP 800-90B), the research avoids cryptographic novelty for its own sake and instead delivers a verifiably sound method. This approach mirrors the philosophy behind well-established systems like the /dev/urandom interface in Linux, which aggregates entropy from system events, but here the focus is on a deterministic, seedable, and user-influencable process suitable for reproducible password generation.

Logical Flow: The argument is methodical: 1) Establish the problem (weak, guessable passwords). 2) Dismiss common but flawed solutions (LCG-based RNGs). 3) Propose building blocks with proven security (cryptographic MACs). 4) Assemble them per existing standards (NIST SP 800-108 counter mode). 5) Validate output against rigorous benchmarks (NIST SP 800-90B). This flow is robust and mirrors best practices in applied cryptography research, similar to the structured evaluation seen in seminal works like the CycleGAN paper which systematically validated image translation quality across multiple domains and metrics.

Strengths & Flaws: The primary strength is its dependability. Using battle-tested cryptographic primitives and NIST guidance minimizes risk. The optional user-input (TBHM) is a clever feature, allowing for personalized yet secure seeds. However, a significant flaw is the lack of a direct, comparative security analysis against state-of-the-art password generators like those using Argon2 or bcrypt for key stretching in a similar context. The comparison to AES brute-force strength is useful but simplistic. The real-world attack vector is often offline cracking of hashed passwords; the paper could strengthen its case by modeling resistance against tools like Hashcat with optimized rulesets. Furthermore, while the NIST tests are authoritative, they are not exhaustive for all cryptographic properties; a discussion of resistance to side-channel attacks on the PRNG implementation would be valuable.

Actionable Insights: For security architects, this paper provides a ready blueprint. Recommendation 1: Implement the KMAC-based variant. As a SHA-3 derivative, it's designed to be resilient against length-extension attacks that theoretically affect SHA-2-based HMAC in certain scenarios, and it represents a more future-proof choice. Recommendation 2: Integrate this generator as the core engine for enterprise password vaults or SSO systems where policy-based password creation is required. Its deterministic nature (same TBHM + parameters = same password) can be a feature for recovery scenarios. Recommendation 3: Complement this technical solution with user education. The generator can produce a 20-character random string, but if the user opts for a short, memorable TBHM and a 8-character length, security plummets. The interface must enforce sane defaults (e.g., minimum 12 characters, full character set) and visually convey entropy strength, much like the password strength meters informed by research from organizations like the NCC Group.

7. Technical Details & Mathematical Formulations

The core security relies on the pseudo-random function (PRF) property of the MACs. The PRNG in counter mode can be abstracted as:

$R_i = PRF(K, \text{Counter} \ || \ \text{Label} \ || \ 0x00 \ || \ \text{Input} \ || \ L)$

where $PRF$ is $HMAC$, $CMAC$, or $KMAC$, $K$ is a secret key, and $R_i$ are the output blocks concatenated to form the final bitstream.

Password Mapping: Given a random integer value $v$ derived from the bitstream and a character set of size $C$, the character index is selected as: $index = v \mod C$. This is repeated $L$ times.

8. Analysis Framework & Conceptual Example

Scenario: A web service needs to generate a high-strength, random initial password for new users.

Framework Application:

Parameter Selection: The service chooses KMAC256 as the PRF, a system-derived cryptographic key $K_{sys}$ stored securely, and a TBHM composed of the user's unique, immutable UserID and a timestamp.
Process:
- Input: TBHM = "USER12345@2023-10-27T10:30:00Z", Length $L$ = 16, Character Set = 94 printable ASCII.
- The PRNG core processes this with $K_{sys}$ in counter mode to generate 128 random bits (16 chars * log2(94) ≈ 105 bits, so 128 bits provides ample entropy).
- Bits are converted to a string like: s9*!Lq9@Pz%2m#X&
Security Properties:
- Unpredictability: Without $K_{sys}$, the output is unpredictable even if the TBHM is known.
- Determinism: The same user at that exact moment would get the same password, aiding in debugging.
- High Entropy: The password has ~105 bits of entropy, making brute-force infeasible.

9. Future Applications & Development Directions

Post-Quantum Cryptography (PQC) Integration: As quantum computing advances, SHA-2 and AES-256 may become vulnerable to Grover's algorithm. Future versions can integrate PQC-standardized hash functions (e.g., based on SPHINCS+) or symmetric designs (e.g., ASCON) as the underlying PRF. The framework's modularity allows for such a swap.
Decentralized Identity and Web3: The generator can be adapted to create deterministic, recoverable cryptographic seeds or mnemonics for blockchain wallets. The TBHM could be a user's biometric hash + a decentralized identifier (DID).
Hardware Security Module (HSM) Enhancement: The core PRNG logic, especially using CMAC/AES, can be embedded within HSMs for generating root-of-trust credentials in cloud and IoT environments, providing tamper-resistant key generation.
Adaptive Password Generation: The system could dynamically adjust the character set or length based on the sensitivity of the target account (e.g., banking vs. forum), guided by policy engines.

10. References

M. Bellare, R. Canetti, and H. Krawczyk, "Keying Hash Functions for Message Authentication," CRYPTO 1996.
NIST, "Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication," SP 800-38B.
NIST, "SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions," FIPS PUB 202.
NIST, "Recommendation for the Entropy Sources Used for Random Bit Generation," SP 800-90B.
NIST, "Recommendation for Key Derivation Using Pseudorandom Functions," SP 800-108 Rev. 1.
J. Kelsey, B. Schneier, and N. Ferguson, "Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator," SAC 1999.
J. Zhu, T. Park, P. Isola, A.A. Efros, "Unpaired Image-to-Image Translation using Cycle-Consistent Adversarial Networks," ICCV 2017. (Cited as an example of rigorous methodological evaluation).
NCC Group, "Password Storage Cheat Sheet," OWASP Foundation. (Cited as a source for practical password policy guidance).

Table of Contents