NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

Random Number Generation

May 2-3, 2016: NIST is planning to host a workshop on Random Number Generation to discuss the SP 800-90 series, specifically, SP 800-90B and SP 800-90C.

April 13, 2016: NIST invites comments on the second draft of NIST Special Publication (SP) 800-90C, Recommendation for Random Bit Generator (RBG) Constructions. This Recommendation specifies constructions for the implementation of RBGs. An RBG may be a deterministic random bit generator (DRBG) or a non-deterministic random bit generator (NRBG). The constructed RBGs consist of DRBG mechanisms, as specified in SP 800-90A, and entropy sources, as specified in SP 800-90B.

Full Request for Comments on NIST SP 800-90C.

January 27, 2016: NIST announces the second draft of NIST Special Publication (SP) 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation. This Recommendation specifies the design principles and requirements for the entropy sources used by Random Bit Generators, and the tests for the validation of entropy sources. These entropy sources are intended to be combined with Deterministic Random Bit Generator mechanisms that are specified in SP 800-90A to construct Random Bit Generators, as specified in SP 800-90C.

Final Comments Received on NIST SP 800-90B (May 2016)

Full Request for Comments on NIST SP 800-90B.


June 25, 2015:
NIST announces the completion of Revision 1 of NIST Special Publication (SP) 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators. This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. In this revision, the specification of the Dual_EC_DRBG has been removed. The remaining DRBGs (i.e., Hash_DRBG, HMAC_DRBG and CTR_DRBG) are recommended for use. Other changes included in this revision are listed in an appendix.


Generally-speaking, there are two types of random number generators (RNGs):

  1. RNGs based on Deterministic Random Bit Generators (DRBGs), also known as Pseudorandom Number Generators, and
  2. RNGs based on Non-deterministic Random Bit Generators (NRBGs), also known as "True" Random Number Generators.

Approved Algorithms

Currently, there exist several Approved1 DRBGs, and no Approved NRBGs. Approved DRBG algorithms are specified in SP 800-90A.

As discussed in NIST SP 800-131A, Transitioning the Use of Cryptographic Algorithms and Key Lengths, several algorithms are no longer approved for random number generation. These include the Dual_EC_DRBG (originally specified in SP 800-90A), and the RNGs specified in FIPS 186-2, ANS X9.31 and ANS X9.62-1998.

Back to Top

Algorithm Testing

Testing requirements and validation lists are available from the Cryptographic Algorithm Validation Program (CAVP).

Back to Top

RNG Testing

NIST Special Publication 800-22rev1a, A Statistical Test Suite for Random and Pseudorandom Number Generators.

SP 800-22 provides a set of statistical tests for testing and evaluating deterministic and non-deterministic random number generators.

NIST has published an ITL Bulletin that summarizes SP 800-22.

NIST maintains a general web page on Random Number Generation and Testing that contains links to documentation and code.

Back to Top

 

1 An algorithm or technique that is either specified in a FIPS or NIST Recommendation.