[Cryptography] cryptography Digest, Vol 9, Issue 29

Wouter Slegers wouter at yourcreativesolutions.nl
Thu Jan 30 02:46:06 EST 2014


L.S.,

On 2014-01-29, at 21:36 , Arnold Reinhold <agr at me.com> wrote:
>> Somehow this discussion tends to run into circles.
> An astute observation. I submit this happens because there is no standard or guideline nor a process to get one that has any acceptance.  I suggested a Wiki as a start. Any other ideas?
In the Common Criteria world, especially for smart cards, BSI’s AIS31 TRNG requirements are pretty much the high end of evaluated TRNGs and effectively mandated for smart cards under the German CC scheme: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Interpretationen/AIS_31_Functionality_classes_for_random_number_generators_e.pdf?__blob=publicationFile

Note that the CC process assumes a non-hostile developer and production facility, so this does _not_ cover backdoors in the design/implementation, although the location of the entropy measurement does help in getting some assurance on the raw noise quality (and is also a major hassle in product design: how to get the raw signal out from a supposedly closed chip).
It does give some rigour to defining what entropy is, what the quality is of the output, expected short and long term failure detection mechanisms, and how to show and verify these. And there is a decade+ of experience applying these requirements (although a lot of it is painful ;-)).

Some reading notes:
AIS31 = true random number generators, i.e. mostly the hardware ones
AIS20 = Deterministic random number generators
TOE = Target of Evaluation, i.e. the thing that is evaluated, here the thing that includes the RNG.

With kind regards,
Wouter



More information about the cryptography mailing list