On 9 Jul 2007 16:08:33 -0600, Darren Lasko wrote:
2) Does FIPS 140-2 have any requirements regarding the quality of the
entropy source that is used for seeding a PRNG?
Yes. The requirement imposed by FIPS 140-2
(http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf)
are in section
On Mon, Jul 09, 2007 at 04:08:33PM -0600, Darren Lasko wrote:
However, it seems pretty nebulous about how
they expect you to measure the number of operations required to
compromise the security of the key generation method. Do you know
what kind of documentation the labs require?
The
On 7/8/07, Joshua Hill [EMAIL PROTECTED] wrote:
On Sat, Jul 07, 2007 at 10:53:17PM -0600, Darren Lasko wrote:
1) Can a product obtain FIPS 140-2 certification if it implements a PRNG
from NIST SP 800-90 (and therefore is not listed in FIPS 140-2 Annex C)? If
not, will Annex C be updated to
Hello,
I have a couple of questions related to FIPS 140-2:
1) Can a product obtain FIPS 140-2 certification if it implements a PRNG
from NIST SP 800-90 (and therefore is not listed in FIPS 140-2 Annex C)? If
not, will Annex C be updated to include the PRNGs from SP 800-90?
2) Does FIPS 140-2
On Sat, Jul 07, 2007 at 10:53:17PM -0600, Darren Lasko wrote:
1) Can a product obtain FIPS 140-2 certification if it implements a PRNG
from NIST SP 800-90 (and therefore is not listed in FIPS 140-2 Annex C)? If
not, will Annex C be updated to include the PRNGs from SP 800-90?
The PRNGs in
