[13949] in cryptography@c2.net mail archive
Re: PRNG design document?
daemon@ATHENA.MIT.EDU (Anton Stiglic)
Wed Aug 27 10:44:50 2003
X-Original-To: cryptography@metzdowd.com
From: "Anton Stiglic" <astiglic@okiok.com>
To: "Bob Baldwin PlusFive" <baldwin@plusfive.com>,
"Tim Dierks" <tim@dierks.org>
Cc: <cryptography@metzdowd.com>
Date: Wed, 27 Aug 2003 09:46:29 -0400
----- Original Message -----
From: "Bob Baldwin PlusFive" <baldwin@plusfive.com>
To: "Tim Dierks" <tim@dierks.org>
Cc: <cryptography@metzdowd.com>
Sent: Friday, August 22, 2003 1:00 PM
Subject: Re: PRNG design document?
> Tim,
> One issue to consider is whether the system
> that includes the PRNG will ever need a FIPS-140-2
> rating.
> [...]
As you mentioned, the FIPS-140-2 approved PRNGs
are deterministic: they take a random seed and extend it
to more random bytes. But FIPS-140-2 has no
provision for generating the seed in the first place;
this is where something like Yarrow or the cryptlib
RNG comes in handy.
So if you want FIPS-140-2 compliance, generate a
seed using something based on Yarrow or the cryptlib RNG
(or, if you have a good hardware RNG, use that to
generate the seed), and then apply a FIPS-approved
PRNG to the seed.
NIST should really approve something like Yarrow
or Peter Gutmann's design...
--Anton
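The two-stage design Anton describes, as an added example that is not code from the post or from Yarrow or cryptlib: a Yarrow-style accumulator hashes raw events into a pool and only releases a seed once its (conservative, caller-supplied) entropy estimate crosses a threshold; that seed then instantiates a purely deterministic generator. The post names no particular approved PRNG, so HMAC_DRBG with SHA-256 from NIST SP 800-90A stands in for the deterministic stage. Class names, the 256-bit threshold, the personalization string and the sample events are all illustrative assumptions.

```python
"""Seed generation (Yarrow-like pool) separated from deterministic expansion
(HMAC_DRBG).  Added example, not the original post's code.  Names, the
threshold and the sample events are assumptions for illustration."""
import hashlib
import hmac
import os
import time


class EntropyPool:
    """Yarrow-like accumulator: every event is hashed into a pool together
    with an estimate of how many bits of entropy it carried.  A seed is only
    released once the running estimate reaches the threshold (assumed 256)."""

    def __init__(self, threshold_bits: int = 256):
        self.threshold_bits = threshold_bits
        self.estimated_bits = 0
        self._pool = hashlib.sha256()

    def add_event(self, source: str, data: bytes, entropy_bits: int) -> None:
        # Length-prefix both fields so different event sequences cannot
        # produce the same hash input.
        src = source.encode()
        self._pool.update(len(src).to_bytes(2, "big") + src)
        self._pool.update(len(data).to_bytes(4, "big") + data)
        self.estimated_bits += entropy_bits

    def extract_seed(self) -> bytes:
        # Refuse to seed early: a deterministic PRNG fed a low-entropy seed
        # produces output that looks fine but is predictable.
        if self.estimated_bits < self.threshold_bits:
            raise RuntimeError(
                f"only {self.estimated_bits} estimated bits, "
                f"need {self.threshold_bits}; refusing to seed")
        seed = self._pool.digest()
        # Start a new pool chained from the old digest, then reset the
        # estimate so the next seed must earn its own entropy.
        self._pool = hashlib.sha256(seed)
        self.estimated_bits = 0
        return seed


class HmacDrbg:
    """HMAC_DRBG with SHA-256 (SP 800-90A section 10.1.2).  Given the same
    seed it yields the same stream, which is why the seed must come from an
    entropy source the DRBG itself does not provide."""

    RESEED_INTERVAL = 1 << 48
    MAX_REQUEST_BYTES = 1 << 16

    def __init__(self, seed: bytes, personalization: bytes = b""):
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        self._update(seed + personalization)
        self.reseed_counter = 1

    @staticmethod
    def _hmac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided_data: bytes) -> None:
        self.K = self._hmac(self.K, self.V + b"\x00" + provided_data)
        self.V = self._hmac(self.K, self.V)
        if provided_data:
            self.K = self._hmac(self.K, self.V + b"\x01" + provided_data)
            self.V = self._hmac(self.K, self.V)

    def reseed(self, seed: bytes) -> None:
        # Fresh entropy from the pool is folded in the same way as at start.
        self._update(seed)
        self.reseed_counter = 1

    def generate(self, n: int) -> bytes:
        if n > self.MAX_REQUEST_BYTES:
            raise ValueError("request too large; split it into smaller calls")
        if self.reseed_counter > self.RESEED_INTERVAL:
            raise RuntimeError("reseed required before generating")
        out = b""
        while len(out) < n:
            self.V = self._hmac(self.K, self.V)
            out += self.V
        self._update(b"")          # backtrack resistance after each request
        self.reseed_counter += 1
        return out[:n]


def build_generator(pool: EntropyPool) -> HmacDrbg:
    """Stage 1 (pool) hands a seed to stage 2 (deterministic DRBG)."""
    return HmacDrbg(pool.extract_seed(), personalization=b"example-app")


def demo() -> bytes:
    # Constructed sample events; a real pool would be fed interrupt timings,
    # a hardware RNG, os.urandom, etc., each with an honest entropy estimate.
    pool = EntropyPool()
    pool.add_event("hwrng", os.urandom(32), entropy_bits=200)
    pool.add_event("timer", time.perf_counter_ns().to_bytes(8, "big"), entropy_bits=8)
    pool.add_event("os", os.urandom(16), entropy_bits=64)
    return build_generator(pool).generate(32)


if __name__ == "__main__":
    print(demo().hex())
```

The point of the split is visible in the code: nothing in `HmacDrbg` measures or gathers entropy, so its security rests entirely on what `EntropyPool.extract_seed` hands it, and the pool's only defence against a weak seed is the entropy estimate the caller supplies for each event.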
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com