On Fri, Aug 29, 2003 at 03:43:40PM -0400, Tim Dierks wrote: > [snip] > > Allow me to clarify my problem a little. I'm commonly engaged to review > source code for a security audit, some such programs include a random > number generator, many of which are of ad-hoc design. The nature of such > audits is that it's much more appealing to be able to say "here are three > accepted guidelines that your generator violates" rather than "I haven't > seen that before and I don't like it, you should replace it with something > else". > > So I'm interested in such design guidelines, if they're available, which > such a generator could be tested against. While the resources provided have > been useful, it's only led me to where I was: that the only way to do so is > to attempt to analyze the system for vulnerability to a collection of known > flaws. > > [snip]
Hi Tim, I think you should have a look at AIS 20 and AIS 31 - they are a little bit formal and define their own terminology but otherwise seem to give sound models. Evaluation guidelines for both deterministic pseudo-random number generators (AIS 20) and physical random number generators (AIS 31), have been published by the BSI (Bundesamt fuer Sicherheit in der Informationstechnik - a German agency responsible for giving recommendations regarding the security of IT in government use). AIS 31 (English): http://www.bsi.de/zertifiz/zert/interpr/trngk31e.pdf AIS 20 (English): http://www.bsi.de/zertifiz/zert/interpr/ais20e.pdf There's also a paper published in the CHES 2002 proceedings on the same subject: W. Schindler, W. Killmann: Evaluation Criteria for True (Physical) Random Number Generators Used in Cryptographic Applications URL: http://www.springerlink.com/openurl.asp?genre=article&issn=0302-9743&volume=2523&spage=431 Cheers, Ralf -- Ralf-P. Weinmann <[EMAIL PROTECTED]> --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
