OASIS Key Management Interoperability Protocol (KMIP) TC

SP 800-90 and Full Entropy in RBGs

  • 1.  SP 800-90 and Full Entropy in RBGs

    Posted 02-14-2013 16:13
    NIST is in the process of adjudicating all comments received during the SP 800-90B and SP 800-90C public comment period. In doing so, it has been determined that the concept of full entropy as used in these Special Publications only serves to confuse the entropy discussion. For example, since true full entropy cannot be measured, the attempts to draw a distinction between 0.9999668 bits of min-entropy per bit output and full entropy do not provide meaningful results. As a result, a decision was made to remove full entropy from the documents. This has the following impact:

    • NIST SP 800-90A will be revised to remove references to full entropy sources.
    • NIST SP 800-90B will focus on the components and evaluation of entropy sources. The validation tests provided will all produce a min-entropy estimate. No additional qualifiers (such as "full entropy") will be provided, since the entropy estimate is the only result needed.
    • NIST SP 800-90C will no longer include the XOR NRBG Construction. It will contain the other RBG constructions, along with a description of how to use a validated entropy source (i.e., a guide explaining how to use the entropy source to get the entropy needed, given the entropy estimate).

    SP 800-90A and the initial drafts of SP 800-90B and C are available at http://csrc.nist.gov/publications/PubsSPs.html.

    NIST believes that this change will result in clearer, more useable documentation. Please send any comments or concerns to rbg_comments@nist.gov by March 1, 2013 using "Comments on Full Entropy" in the subject line.