[Mono-list] RNG

Sebastien Pouliot <spouliot@videotron.ca>
Sat, 05 Oct 2002 17:38:18 -0400


The tests for RNG are described in FIPS PUB 140-2 from page 33 (section 4.9
Self-Tests). These are self-tests that a FIPS 140 compliant device (hardware
or software) must (at least for Security Level 3+) pass on each startup (and
on-demand for Security Level 4).

It includes:
a. The monobit test;
b. The poker test;
c. The runs test; and
d. The long runs test,
run on a sample of 20,000 bits.

Link:
http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf


Sebastien Pouliot
Security Architect, Motus Technologies, http://www.motus.com/
work: spouliot@motus.com
home: spouliot@videotron.ca

----- Original Message -----
From: "Sebastien Pouliot" <spouliot@videotron.ca>
To: "mono-list" <mono-list@ximian.com>
Cc: "Mark Crichton" <crichton@gimp.org>
Sent: Saturday, October 05, 2002 11:45 AM
Subject: [Mono-list] RNG


> Hi Mark,
>
> > The RNG code works on Linux, should work on BSDs, maybe Solaris, and
> > won't work on Win32.  I'm still a tad confused by the CryptAPI for
> > windows.  If you know how to use it to get strong random numbers, have
> > at it...
>
> I have worked many times with CryptoAPI, both low-level (developing a smart
> card CSP, certificate revocation) and high-level (end-user application) so I
> should have no problem implementing RNG on top of it.
>
> If I remember correctly there are some RNG tests specified in either FIPS
> 140 or 186 (been some time). They would make great unit tests so I'll find a
> link to that too.
>
> > Mark
>
> Sebastien Pouliot
> Security Architect, Motus Technologies, http://www.motus.com/
> work: spouliot@motus.com
> home: spouliot@videotron.ca
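
The four tests listed in the message above (monobit, poker, runs, long runs) on a 20,000-bit sample, as an added example that is not part of the original e-mail or of Mono's code. It is written in Python; the function names are hypothetical, the sample data is constructed, and the pass intervals are assumed to be those of FIPS PUB 140-2 section 4.9.1 with Change Notice 1, so check them against the linked PDF before relying on them.

```python
import hashlib
from itertools import groupby

# Assumed intervals (FIPS 140-2 sec. 4.9.1 with Change Notice 1; verify against
# your copy). Keys are run lengths; 6 stands for "6 or longer".
RUNS = {1: (2315, 2685), 2: (1114, 1386), 3: (527, 723),
        4: (240, 384), 5: (103, 209), 6: (103, 209)}

def to_bits(data):
    """Expand exactly 2,500 bytes into the 20,000-bit sample, MSB first."""
    if len(data) != 2500:
        raise ValueError("the tests are defined on a 20,000-bit sample")
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]

def monobit(bits):
    return 9725 < sum(bits) < 10275  # number of ones in the sample

def poker(bits):
    counts = [0] * 16
    for i in range(0, 20000, 4):  # 5,000 consecutive 4-bit segments
        b = bits[i:i + 4]
        counts[b[0] << 3 | b[1] << 2 | b[2] << 1 | b[3]] += 1
    x = (16 / 5000) * sum(c * c for c in counts) - 5000
    return 2.16 < x < 46.17

def runs_and_long_run(bits):
    tally = {(v, n): 0 for v in (0, 1) for n in RUNS}
    longest = 0
    for value, group in groupby(bits):  # maximal runs of identical bits
        length = len(list(group))
        longest = max(longest, length)
        tally[(value, min(length, 6))] += 1
    runs_ok = all(RUNS[n][0] <= c <= RUNS[n][1] for (_, n), c in tally.items())
    return runs_ok, longest < 26  # a run of 26 or more fails the long runs test

def fips_selftest(data):
    bits = to_bits(data)
    runs_ok, long_ok = runs_and_long_run(bits)
    return {"monobit": monobit(bits), "poker": poker(bits),
            "runs": runs_ok, "long_runs": long_ok}

def constructed_sample(seed):
    """Constructed, deterministic stand-in for RNG output (SHA-256 in counter mode)."""
    out = b"".join(hashlib.sha256(b"%d:%d" % (seed, i)).digest() for i in range(79))
    return out[:2500]

if __name__ == "__main__":
    print(fips_selftest(constructed_sample(0)))
```

In a unit test, feed `fips_selftest` 2,500 bytes from the generator under test; a sound generator still fails a block occasionally by chance, so a single failure calls for a retest rather than a verdict.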