Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-90B (2nd Public Draft)

Recommendation for the Entropy Sources Used for Random Bit Generation

Date Published: January 2016
Comments Due: May 9, 2016 (public comment period is CLOSED)
Email Questions to: rbg_comments@nist.gov

Author(s)

Meltem Sönmez Turan (NIST), Elaine Barker (NIST), John Kelsey (NIST), Kerry McKay (NIST), Mary Baish (NSA), Michael Boyle (NSA)

Announcement

NIST announces the second draft of Special Publication (SP) 800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation. This Recommendation specifies the design principles and requirements for the entropy sources used by Random Bit Generators, and the tests for the validation of entropy sources. These entropy sources are intended to be combined with Deterministic Random Bit Generator mechanisms that are specified in SP 800-90A to construct Random Bit Generators, as specified in SP 800-90C. NIST is planning to host a workshop on Random Number Generation to discuss the SP 800-90 series, specifically, SP 800-90B and SP 800-90C. More information about the workshop is available at: https://www.nist.gov/news-events/events/2016/05/random-bit-generation-workshop-2016.

The specific areas where comments are solicited on SP 800-90B are:

  • Post-processing functions (Section 3.2.2): We provided a list of approved post-processing functions. Is the selection of the functions appropriate?
  • Entropy assessment (Section 3.1.5): While estimating the entropy for entropy sources using a conditioning component, the values of n and q are multiplied by the constant 0.85. Is the selection of this constant reasonable?
  • Multiple noise sources: The Recommendation only allows using multiple noise sources if the noise sources are independent. Should the use of dependent noise sources also be allowed, and if so, how can we calculate an entropy assessment in this case?
  • Health Tests: What actions should be taken when health tests raise an alarm? The minimum allowed value of a type I error for health testing is selected as 2-50. Is this selection reasonable?

Abstract

Keywords

noise source; predictors; conditioning functions; health testing; Entropy source;  ; random number generators; min-entropy; IID testing
Control Families

System and Communications Protection

Documentation

Publication:
Second Draft SP 800-90B (Jan. 2016) (pdf)

Supplemental Material:
Comments received on Second Draft (Jan. 2016) (pdf)
Comment Template (xlsx)
NIST Press Release

Publication Parts:
SP 800-90A Rev. 1

Related NIST Publications:
Other

Document History:
09/05/12: SP 800-90B (Draft)
01/27/16: SP 800-90B (Draft)

Topics

Security and Privacy

random number generation