The National Institute of Standards and Technology (NIST) Random Bit Generation (RBG) project focuses on the development and validation of generating random numbers that are essential for cryptographic and security applications.
The project provides guidelines through the SP 800-90 series, which includes recommendations on deterministic random bit generator (DRBG) mechanisms, entropy sources, and construction principles for RBGs, and has three parts:
The following figure explains the relationship of the three parts of the series.
NIST IR 8427, Discussion on the Full Entropy Assumption of the SP 800 90 Series, provides technical discussions to support the full entropy definition used in the SP 800 90 series.
The SP 800 90 series provides a basis for validation by NIST's Cryptographic Algorithm Validation Program (CAVP) and Cryptographic Module Validation Program (CMVP).
SP 800-22, A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications, specifies a set of statistical tests for randomness.
In 2022, NIST Crypto Publication Review Board completed a review of SP 800-22 and is planning to revise the publication.
NIST also hosts the NIST Randomness Beacon as a source of public randomness. The service includes multiple independent, commercially available sources of randomness.
Security and Privacy: random number generation