Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-90C (4th Public Draft)

Recommendation for Random Bit Generator (RBG) Constructions

Date Published: July 3, 2024
Comments Due: September 30, 2024 (public comment period is CLOSED)
Email Questions to: rbg_comments@nist.gov

Author(s)

Elaine Barker (NIST), John Kelsey (NIST), Kerry McKay (NIST), Allen Roginsky (NIST), Meltem Sönmez Turan (NIST)

Announcement

The NIST SP 800-90 series of documents supports the generation of high-quality random bits for cryptographic and non-cryptographic use. SP 800-90A specifies several deterministic random bit generator (DRBG) mechanisms based on cryptographic algorithms. SP 800-90B provides guidance for the development and validation of entropy sources. SP 800-90C specifies constructions for the implementation of random bit generators (RBGs) that include DRBG mechanisms as specified in SP 800-90A and that use entropy sources as specified in SP 800-90B.

This draft includes constructions for four classes of RBGs:

  1. An RBG1 construction provides random bits from a device that is initialized from an external RBG.
  2. An RBG2 construction includes an entropy source that is available on demand.
  3. An RBG3 construction includes an entropy source that is continuously accessed to provide output with full entropy.
  4. An RBGC construction allows the use of a chain of RBGs that consists of only RBGC constructions on the same computing platform.

SP 800-90C includes a note to readers, guidance for accessing and handling the entropy sources in SP 800-90B, specifications for the initialization and use of the four RBG constructions that incorporate the DRBGs from SP 800-90A, and guidance on health testing and implementation validation using NIST's Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic Module Validation Program (CMVP), which is jointly operated by NIST and the Canadian Centre for Cyber Security (CCCS).

Abstract

Keywords

deterministic random bit generator (DRBG); entropy; entropy source; random bit generator (RBG); randomness source; RBG1 construction; RBG2 construction; RBG3 construction; RBGC construction; subordinate DRBG (sub-DRBG)
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-90C.4pd
Download URL

Supplemental Material:
None available

Document History:
09/05/12: SP 800-90C (Draft)
04/13/16: SP 800-90C (Draft)
09/07/22: SP 800-90C (Draft)
07/03/24: SP 800-90C (Draft)

Topics

Security and Privacy

random number generation