Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Cryptography and security applications make extensive use of random numbers and random bits, particularly for the generation of cryptographic keying material. A key to initiate a cryptographic algorithm needs to be unpredictable and statistically unique,that is, to have at most a negligible chance of repeating the value of a previously selected key. Selecting a key at random ensures that there is no known structure to the key selection process that an adversary might be able to use to determine the key, other than by an exhaustive search.
NIST is in the process of completing the development of approved methods for random bit generation. SP 800-90A specifies approved Deterministic Random Bit Generator (DRBG) mechanisms (i.e., algorithms) for generating random bits, given sufficient entropy in their seeding process. Two additional publications have recently been provided for public comment: SP 800-90B and SP 800-90C. SP 800-90B addresses the entropy sources needed to seed the DRBG mechanisms and includes both health tests and validation tests; SP 800-90C specifies constructions for creating random bit generators from entropy sources and DRBG mechanisms. The public comment period for these documents ends on December 3, 2012.
This workshop will discuss these documents and their validation by NIST's validation programs. It is expected that the primary focus of the workshop will be on the entropy sources discussed in SP 800-90B.
Reference Documentation: Copies of NIST SP 800-90B and NIST SP 800-90C will not be available at the workshop. If you'd like to reference either document while at the workshop, please print a copy to bring along.
Preliminary Agenda
Wednesday, December 5, 2012 | |
| 9:00am - 9:15am | Welcome and workshop purpose (Elaine Barker, NIST) |
| 9:15am - 10:15am | High-level presentation of SP 800-90B (John Kelsey, NIST) |
| 10:15am - 11:15am | Presentation of non-IID tests (Patrick Hagerty) Paper: Entropy Bounds and Statistical Tests |
| 11:15am - 11:45am | Break (refreshments available for purchase in the cafeteria) |
| 11:45am - 12:15pm | General discussion of SP 800-90B (led by Mike Boyle)
|
| 12:15pm - 1:00pm | Lunch (available for purchase in the cafeteria) |
| 1:00pm - 2:30pm | Collecting raw data (discussions led by John Kelsey, NIST) |
| 2:30pm - 3:00pm | Break (available for purchase from the Snack Stand. Take lobby elevator to Level B) |
| 3:00pm - 5:00pm | Test Discussions (John Kelsey, NIST and Patrick Hagerty)
|
Thursday, December 6, 2012 | |
| 9:00am - 9:30am | General CAVP and CMVP testing strategy - how testing will change (Mike Cooper, NIST) |
| 9:30am - 10:00am | CAVP testing - Current Algorithm Validation Testing vs. Entropy Source Validation Testing (Sharon Keller, NIST) |
| 10:00am - 10:30am | Envisioned transition strategy from old RNG requirements to SP 800-90 requirements (Mike Cooper, NIST) |
| 10:30am - 11:00am | Break (available for purchase from the cafeteria) |
| 11:00am - 11:30am | Evaluating Entropy Source Testing Tool Implementation of NIST SP 800-90B Min-entropy Estimation Framework (Tim Hall, NIST) |
| 11:30am - 12:30pm | Current Testing/Validation Issues (Sharon Keller, NIST) |
| 12:30pm - 1:15pm | Lunch (available for purchase in the cafeteria) |
1:15pm - 4:45pm (includes a 30-minute break) | Testing SP 800-90B entropy sources (discussions led by Tim Hall, NIST)
Intel and Random Numbers (David Johnston, Intel) RBG Construction Issues (discussions led by Elaine Barker, NIST)
|
| 4:45pm - 5:00pm | Closing (Elaine Barker, NIST) |