PRNG design document?

Ben Laurie ben at algroup.co.uk
Fri Aug 29 06:27:41 EDT 2003


Anton Stiglic wrote:

> ----- Original Message ----- 
> From: "Bob Baldwin PlusFive" <baldwin at plusfive.com>
> To: "Tim Dierks" <tim at dierks.org>
> Cc: <cryptography at metzdowd.com>
> Sent: Friday, August 22, 2003 1:00 PM
> Subject: Re: PRNG design document?
> 
> 
> 
>>Tim,
>>     One issue to consider is whether the system
>>that includes the PRNG will ever need a FIPS-140-2
>>rating.  
>>[...]
> 
> 
> As you mentioned, the FIPS-140-2 approved PRNGs
> are deterministic: they take a random seed and extend it
> to more random bytes.  But FIPS-140-2 has no
> provision for generating the seed in the first place;
> this is where something like Yarrow or the cryptlib
> RNG comes in handy.

Actually, FIPS-140 _does_ have provision for seeding, at least for X9.17
(you use the time :-), but not for keying.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
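The X9.17 generator that this exchange refers to, written out as an added example (not code from the thread or from any of the projects named in it). It uses triple DES from Go's standard library as the block cipher E_K, and encodes the date/time input DT as 64-bit big-endian Unix nanoseconds, which is this example's own choice since the standard does not fix that encoding. The key and seed in main are constructed for illustration. The point it makes is Ben's: DT can come from the clock, but the output is fully determined by K, V and DT, so two generators with the same key and seed produce identical streams regardless of how DT is chosen; K and V must come from an entropy source outside the generator.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"time"
)

// X917 is an ANSI X9.17-style generator: a block cipher under a secret key K
// plus an 8-byte seed value V that is replaced on every step.
type X917 struct {
	block cipher.Block
	v     [8]byte
}

// NewX917 keys the generator with a 24-byte triple-DES key (Go's crypto/des
// takes K1||K2||K3; for two-key TDEA as in X9.17, pass K1||K2||K1) and an
// 8-byte seed V.
func NewX917(key, seed []byte) (*X917, error) {
	if len(seed) != des.BlockSize {
		return nil, fmt.Errorf("seed must be %d bytes, got %d", des.BlockSize, len(seed))
	}
	b, err := des.NewTripleDESCipher(key) // rejects keys that are not 24 bytes
	if err != nil {
		return nil, err
	}
	g := &X917{block: b}
	copy(g.v[:], seed)
	return g, nil
}

// Next performs one X9.17 step with the date/time block DT:
//   I = E_K(DT);  R = E_K(I xor V);  V' = E_K(R xor I)
// and returns the 8 output bytes R.
func (g *X917) Next(dt [8]byte) [8]byte {
	var i, r, t [8]byte
	g.block.Encrypt(i[:], dt[:])
	xorBlocks(&t, i, g.v)
	g.block.Encrypt(r[:], t[:])
	xorBlocks(&t, r, i)
	g.block.Encrypt(g.v[:], t[:])
	return r
}

func xorBlocks(dst *[8]byte, a, b [8]byte) {
	for k := range dst {
		dst[k] = a[k] ^ b[k]
	}
}

// TimeBlock encodes a clock reading as DT. The exact encoding is not fixed by
// the standard; 64-bit big-endian Unix nanoseconds is this example's choice.
func TimeBlock(t time.Time) [8]byte {
	var dt [8]byte
	binary.BigEndian.PutUint64(dt[:], uint64(t.UnixNano()))
	return dt
}

// Generate runs a fresh generator over a sequence of DT inputs and collects
// the outputs, so two runs with identical K, V and DT can be compared.
func Generate(key, seed []byte, dts [][8]byte) ([][8]byte, error) {
	g, err := NewX917(key, seed)
	if err != nil {
		return nil, err
	}
	out := make([][8]byte, 0, len(dts))
	for _, dt := range dts {
		out = append(out, g.Next(dt))
	}
	return out, nil
}

func main() {
	// Constructed key and seed for illustration only; a real deployment must
	// obtain K (and V) from an entropy source outside the generator.
	key := []byte("0123456789abcdef01234567")
	seed := []byte("seedseed")
	now := TimeBlock(time.Now())
	a, _ := Generate(key, seed, [][8]byte{now, now})
	b, _ := Generate(key, seed, [][8]byte{now, now})
	fmt.Println("run 1:", hex.EncodeToString(a[0][:]), hex.EncodeToString(a[1][:]))
	fmt.Println("run 2:", hex.EncodeToString(b[0][:]), hex.EncodeToString(b[1][:]))
	fmt.Println("identical given same K, V and clock:", a[0] == b[0] && a[1] == b[1])
}
```

Feeding the same DT twice still yields two different output blocks, because V is re-encrypted after every step; what the clock never provides is the secrecy of K, which is exactly the keying gap the reply points out.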



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com