questions about RNGs and FIPS 140

Thor Lancelot Simon tls at
Fri Aug 27 14:02:28 EDT 2010

On Fri, Aug 27, 2010 at 07:20:06PM +1200, Peter Gutmann wrote:
> No.  If you choose your eval lab carefully you can sneak in a TRNG somewhere
> as input to your PRNG, but you can't get a TRNG certified, and if you're
> unlucky you won't be allowed to use a TRNG at all.

I am surprised you'd have trouble with this at any lab.  Isn't there
specific guidance on this in the DTRs?  My 10-years-rusty recollection
is that, specifically, the input used to key the Approved RNG may not
contain provably less entropy than the Approved RNG's output, or words
very close to that in effect.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list