U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Random Bit Generation RBG


The following publications specify the design and implementation of random bit generators (RBGs), in two classes: Deterministic Random Bit Generators (pseudo RBGs); and Non-Deterministic Random bit Generators (True RBGs).

  • SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators
    • June 25, 2015:  This Recommendation specifies mechanisms for the generation of random bits using deterministic methods. In this revision, the specification of the Dual_EC_DRBG has been removed. The remaining DRBGs (i.e., Hash_DRBG, HMAC_DRBG and CTR_DRBG) are recommended for use. Other changes included in this revision are listed in an appendix.
  • SP 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation
    • January 10, 2018:  This Recommendation specifies the design principles and requirements for the entropy sources used by Random Bit Generators, and the tests for the validation of entropy sources. These entropy sources are intended to be combined with Deterministic Random Bit Generator mechanisms that are specified in SP 800-90A to construct Random Bit Generators, as specified in SP 800-90C.
  • SP 800-90C, Recommendation for Random Bit Generator (RBG) Constructions (3rd DRAFT)

On May 2-3, 2016, NIST hosted a workshop on Random Number Generation to discuss the SP 800-90 series of documents--specifically, SP 800-90B and SP 800-90C.

NIST's Randomness Beacon

NIST is implementing a source of public randomness--the NIST Randomness Beacon. The service (at https://beacon.nist.gov/home) uses two independent commercially available sources of randomness, each with an independent hardware entropy source and SP 800-90-approved components.

The Beacon is designed to provide unpredictability, autonomy, and consistency. Unpredictability means that users cannot algorithmically predict bits before they are made available by the source. Autonomy means that the source is resistant to attempts by outside parties to alter the distribution of the random bits. Consistency means that a set of users can access the source in such a way that they are confident they all receive the same random string.

Additional Random Number Generation Standards Development Bodies

Implementation-related References

Created May 24, 2016, Updated September 13, 2022