ASC/X9 - ANSI X9.82-2
Random Number Generation Part 2: Entropy Sources
|Publication Date:||25 September 2015|
ANS X9.82 is concerned with the generation of random bits, primarily for use in cryptographic applications. While there has been extensive research on the subject of generating (pseudo)random bits using a Random Bit Generator (RBG) and an unknown seed value, creating such an unknown value has not been as well documented. As Part 1 of this Standard establishes, the only way for this seed value to provide real security is for it to be obtained from a source that provides sufficient entropy. Directly or indirectly, the seeding of an RBG will rely upon a nondeterministic process - i.e., an entropy source. This part of ANS X9.82 describes the properties that an entropy source must have to make it suitable for use by cryptographic random bit generators. This part of ANS X9.82 includes:
1. An entropy source model,
2. Implementation issues,
3. Criteria and requirements for entropy source components, and
4. Tests for ensuring that the implementation continues to perform as expected (health tests).
The precise structure, design and development of an entropy source implementation are outside the scope of this Standard.
The development of entropy sources that provide suitable output is difficult, and providing guidance for their design and health testing is even more so. This part of the Standard is an initial attempt to provide design guidance for the development of entropy sources. The approach to health testing defined in this Standard assumes that the developer understands the behavior of the entropy source and has made a good-faith effort to provide a consistent source of entropy. It is expected that, over time, improvements to the guidance and health testing will be made, based on experience in using this Standard.