Meltem Sonmez Turan, Guest Researcher, NIST. The security of cryptographic protocols relies on the randomness of the cryptographic keys that they use. Deterministic random bit generators (DRBGs) are used to create strong keys, however they need to be seeded by truly random values generated by entropy sources. Entropy sources extract randomness from physical processes. Designing entropy sources is a difficult problem, as the statistical quality of the entropy source outputs may be weak, and post-processing the outputs to reduce the bias may be necessary. Additionally, the sources may be fragile and can be affected by the changes in the operating conditions such as temperature and humidity; hence, extra components to check the health of the source are usually required. NIST and German Federal Office of Information Security (BSI) have published guidance on generating strong random numbers. NIST’s SP 800-90 series has three parts: 90A includes specifications of several DRBGs; 90B is on entropy sources; and 90C provides guidance on constructing random number generators from DRBGs and entropy sources. Similarly, BSI’s AIS31 describes how to assess physical random number generators and AIS20 is related to deterministic random number generators. There are some differences between the NIST and BSI approaches to the validation of random number generators. This talk provides a summary of both approaches and a comparison in terms of validation and design requirements, entropy estimation, and underlying assumptions.

General Technology Track