-
Changes Coming to NIAP Entropy Assessment Reports in 2025
Entropy Assessment Reports will soon require a NIST Entropy Source Validation certificate – are you ready?
-
Entropy Source Validation (ESV) Certificate Issued for the Intel DRNG
Intel’s Digital Random Number Generator, used in many of its processors, receives an ESV certificate.
-
NIST Entropy Source Validation Server Available
NIST plans to offer a separate validation program apart from FIPS 140 to cover entropy sources: the ESV (Entropy Source Validation) program (hereafter ESVP). As part of the new validation effort, NIST recently launched an automated system to upload the required information in a structured manner: the Entropy…
-
Sample Size in NIST SP800-90B
We invite you to watch this presentation by Richard Fant on Sample Size in SP800-90B.
-
SP800-90A and SP800-90B compliant Linux Random Number Generator
Stephan Mueller With the enforcement of SP800-90B starting in November 2020, the noise sources behind the Linux /dev/random, /dev/urandom and the getrandom system call interfaces must comply with all requirements stipulated by SP800-90B. If this compliance is not achieved, all modules using Linux random number generator as entropy…
-
Stephan Mueller publishes SP800-90B compliant Linux implementation of CPU Jitter RNG
NIST’s Special Publication 800-90B “Recommendation for the Entropy Sources Used for Random Bit Generation” (SP800-90B) lays out the testing requirements for random bit generators. According to Implementation Guidance 7.18, compliance to SP800-90B will be mandatory for FIPS 140-2 validations starting November 8th 2020. Our colleague Stephan Mueller recently…
