questions about RNGs and FIPS 140
Eric Murray
ericm at lne.com
Thu Aug 26 13:10:02 EDT 2010
On Thu, Aug 26, 2010 at 12:13:06PM -0400, Perry E. Metzger wrote:
> It is difficult to validate that a hardware RNG is working
> correctly. How do you know the bits being put off aren't skewed
> somehow by a manufacturing defect? How do you know that damage in the
> field won't cause the RNG to become less random?
FIPS 140-1 did allow non-deterministic HW RNGs. If you used one
then you had to run a boot-time self-test which, while not even close to an
exhaustive RNG test, would hopefully detect a HW RNG that had failed.
Eric
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list