questions about RNGs and FIPS 140

Thu Aug 26 12:48:00 EDT 2010

>
> 3) Is determinism a good idea?
> See Debian OpenSSL fiasco.  I have heard Nevada gaming commission
> regulations require non-determinism for obvious reasons.
>

The Nevada rules don't convincingly demand non determinism. They do say
things that probably unintentionally exclude non determinism.

"4. The random number generator and random selection process must be
impervious to influences from outside the device, including, but not
limited to, electro-magnetic interference, electro-static interference,
and radio frequency interference. A gaming device must use
appropriate communication protocols to protect the random number generator
and random selection process from influence by associated equipment which
is conducting data communications with the gaming device.
(Adopted: 9/89. Amended: 11/05; 11/17/05.)
"

An impossible requirement for a TRNG based on physical processes. This
requirement pretty much demands determinism and in practice is untestable.

Some definitions..

"23. “Randomness” is the observed unpredictability and absence of pattern
in a set of elements or events that have definite probabilities of
occurrence."

 and

"20. “Random Number Generator” is a hardware, software, or combination
hardware and software device for generating number values that exhibit
characteristics of randomness."

Definitions that both a TRNG and a PRNG can meet. They don't get down to
the nitty gritty of what the observer might know, like the internal state
of a PRNG, that would impact whether the data has 'observed
upredictability'.

"14.040 Minimum standards for gaming devices..
[]
2. Must use a random selection process to determine the game outcome of
each play of a game. The random selection process must meet 95 percent
confidence limits using a standard chi-squared test for goodness of fit.
(a) Each possible permutation or combination of game elements which
produce winning or losing game outcomes must be available for random
selection at the initiation of each play.
(b) For gaming devices that are representative of live gambling games, the
mathematical probability of a symbol or other element appearing in a game
outcome must be equal to the mathematical probability of that symbol or
element occurring in the live gambling game. For other gaming devices, the
mathematical probability of a symbol appearing in a position in any game
outcome must be constant. (c) The selection process must not produce
detectable patterns of game elements or detectable dependency upon any
previous game outcome, the amount wagered, or upon the style or method of
play.
"

Again, a PRNG would meet these requirements. The only specific test
proposed is the Chi-square GOF.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com