Discussion on the Full Entropy Assumption of the SP 800-90 Series: Initial Public Draft of NIST IR 8427 Available for Comment
The National Institute of Standards and Technology (NIST) has released the initial public draft of NIST Interagency Report (IR) 8427, Discussion on the Full Entropy Assumption of the SP 800-90 Series. This document is being released at the same time as the third public draft of NIST Special Publication (SP) 800-90C, Recommendation for Random Bit Generator (RBG) Constructions, in support of the SP 800-90 series of publications.
The NIST SP 800-90 series supports the generation of high-quality random bits for cryptographic and non-cryptographic use. The security of a random number generator depends on the unpredictability of its outputs, which can be measured in terms of entropy. The NIST SP 800-90 series uses min-entropy to measure entropy. A full-entropy bitstring has an amount of entropy equal to its length. Full-entropy bitstrings are important for cryptographic applications, as these bitstrings have ideal randomness properties and may be used for any cryptographic purpose. Due to the difficulty of generating and testing full-entropy bitstrings, the SP 800-90 series assumes that a bitstring has full entropy if the amount of entropy per bit is at least 1 - ε, where ε is at most 2-32. NIST IR 8427 provides a justification for the selection of ε.
The public comment period for NIST IR 8427 is open through October 31, 2022. See the publication details for a copy of the draft and instructions for submitting comments.
NIST Cybersecurity and Privacy Program Questions/Comments about this notice: rbg_comments@nist.gov CSRC Website questions: webmaster-csrc@nist.gov
|