Sebastien Pouliot <firstname.lastname@example.org>
Sat, 05 Oct 2002 17:38:18 -0400
The tests for RNG are described in FIPS PUB 140-2 from page 33 (section 4.9
Self-Tests). These are self-tests that a FIPS 140 compliant device (hardware
or software) must (at least for Security Level 3+) pass on each startup (and
on-demand for Security Level 4).
a. The monobit test;
b. The poker test;
c. The runs test; and
d. The long runs test,
run on a sample of 20,000 bits.
Security Architect, Motus Technologies, http://www.motus.com/
----- Original Message -----
From: "Sebastien Pouliot" <email@example.com>
To: "mono-list" <firstname.lastname@example.org>
Cc: "Mark Crichton" <email@example.com>
Sent: Saturday, October 05, 2002 11:45 AM
Subject: [Mono-list] RNG
> Hi Mark,
> > The RNG code works on Linux, should work on BSDs, maybe Solaris, and
> > won't work on Win32. I'm still a tad confused by the CryptoAPI for
> > Windows. If you know how to use it to get strong random numbers, have
> > at it...
> I have worked many times with CryptoAPI, both low-level (developing a smart
> card CSP, certificate revocation) and high-level (end-user application) so I
> should have no problem implementing RNG on top of it.
> If I remember correctly there are some RNG tests specified in either FIPS
> 140 or 186 (been some time). They would make great unit tests so I'll find a
> link to that too.
> > Mark
> Sebastien Pouliot
> Security Architect, Motus Technologies, http://www.motus.com/
> work: firstname.lastname@example.org
> home: email@example.com
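
The four tests listed in the message above, as an added Python example (not part of the original thread and not Mono's code). The function names are this example's own, and the acceptance intervals are those of FIPS PUB 140-2 section 4.9.1 as originally published; they do not appear in the message.

```python
import os

SAMPLE_BITS = 20_000
# Acceptance intervals from FIPS PUB 140-2 section 4.9.1 as originally published.
RUN_LIMITS = {1: (2315, 2685), 2: (1114, 1386), 3: (527, 723),
              4: (240, 384), 5: (103, 209), 6: (103, 209)}  # 6 means "6 or more"


def run_lengths(bits):
    """Return (bit value, length) for every maximal run of identical bits."""
    runs, start = [], 0
    for i in range(1, len(bits) + 1):
        if i == len(bits) or bits[i] != bits[start]:
            runs.append((bits[start], i - start))
            start = i
    return runs


def fips_140_2_tests(data):
    """Run the four tests on one 2,500-byte sample; return {test name: passed}."""
    if len(data) * 8 != SAMPLE_BITS:
        raise ValueError("sample must be exactly 20,000 bits (2,500 bytes)")
    bits = [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]
    ones = sum(bits)
    # Poker: count each 4-bit value over the 5,000 consecutive nibbles.
    counts = [0] * 16
    for byte in data:
        counts[byte >> 4] += 1
        counts[byte & 0x0F] += 1
    poker = 16 / 5000 * sum(c * c for c in counts) - 5000
    runs = run_lengths(bits)
    # Runs: tally per bit value and length, with lengths above 6 counted as 6.
    tally = {(b, n): 0 for b in (0, 1) for n in RUN_LIMITS}
    for bit, length in runs:
        tally[(bit, min(length, 6))] += 1
    runs_ok = all(RUN_LIMITS[n][0] <= tally[(b, n)] <= RUN_LIMITS[n][1]
                  for b, n in tally)
    return {
        "monobit": 9725 < ones < 10275,
        "poker": 2.16 < poker < 46.17,
        "runs": runs_ok,
        "long_runs": max(length for _, length in runs) < 26,  # 26+ fails
    }


if __name__ == "__main__":
    # Sample taken from the operating system's RNG for a quick manual check.
    print(fips_140_2_tests(os.urandom(SAMPLE_BITS // 8)))
```

A sound generator is expected to fail one of these tests occasionally by chance, so a unit test built on them should use a fixed, recorded sample or allow a retry rather than assert on a single live draw.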