Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Recommendation for Random Bit Generator Constructions: Fourth Public Draft of NIST SP 800-90C Available for Comment
July 03, 2024

NIST has released the fourth public draft (4pd) of NIST Special Publication (SP) 800-90C, Recommendation for Random Bit Generator (RBG) Constructions.

The NIST SP 800-90 series of documents supports the generation of high-quality random bits for cryptographic and non-cryptographic use. SP 800-90A specifies several deterministic random bit generator (DRBG) mechanisms based on cryptographic algorithms. SP 800-90B provides guidance for the development and validation of entropy sources. SP 800-90C specifies constructions for the implementation of random bit generators (RBGs) that include DRBG mechanisms as specified in SP 800-90A and that use entropy sources as specified in SP 800-90B.

This draft includes constructions for four classes of RBGs:

  1. An RBG1 construction provides random bits from a device that is initialized from an external RBG.
  2. An RBG2 construction includes an entropy source that is available on demand. 
  3. An RBG3 construction includes an entropy source that is continuously accessed to provide output with full entropy. 
  4. An RBGC construction allows the use of a chain of RBGs that consists of only RBGC constructions on the same computing platform.

SP 800-90C includes a note to readers, guidance for accessing and handling the entropy sources in SP 800-90B, specifications for the initialization and use of the four RBG constructions that incorporate the DRBGs from SP 800-90A, and guidance on health testing and implementation validation using NIST's Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic Module Validation Program (CMVP), which is jointly operated by NIST and the Canadian Centre for Cyber Security (CCCS).

The public comment period for this draft is open through September 30, 2024. See the publication details for a copy of the draft and instructions for submitting comments.

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Parent Project

See: Random Bit Generation

Related Topics

Security and Privacy: random number generation

Created July 03, 2024