With the publication of NIST SP 800-90B, “Recommendation for the Entropy Sources Used for Random Bit Generation”, in 2018, requirements on entropy sources in FIPS 140 modules are considerably more comprehensive than before. Vendors and accredited CST labs have asked the CMVP to provide guidance in the form of examples on how to meet the requirements listed in SP 800-90B for particular entropy sources. Some of this can be done using published entropy source designs, such as those in the academic literature. However, more realistic and complete examples require an actual working entropy source along with a corresponding entropy report for that source.
The CMVP is soliciting reports demonstrating compliance of an entropy source with SP 800-90B that can be published as examples. These will be outside of the validation process; that is, they will not receive a validation by going through this process. In order to be considered for publication, these reports must:
Address all the requirements in SP 800-90B (some may be N/A depending on the type of entropy source).
Correspond to a working entropy source. Raw noise samples for the initial assessment and the restart tests, as well as output samples from any non-vetted conditioning component, must be collected from an instance of the entropy source.
Cover only topics directly concerning SP 800-90B conformance of the entropy source. For example, they should not address requirements of other standards, nor should they address related but out-of-scope topics such as DRBGs or RBG constructions, except where necessary to provide context.
Concisely cite or summarize supporting evidence from outside documents, such as conference or journal articles, textbooks, product specifications etc., and reference them appropriately.
We will select up to five reports for publication. Criteria for selection are:
Prevalence of entropy source, especially the underlying noise source.
At least one physical and one non-physical entropy source.
Overall report quality, including rigor, completeness, clarity and conciseness.
For each report we select, NIST and CCCS CMVP reviewers will provide comments on the evidence provided for each requirement. This includes a determination of whether the evidence as presented is acceptable as well as commentary, e.g., minimally acceptable, more than necessary, suggestions for improvement, etc. Submitters will have the opportunity to respond to the initial reviewer comments with clarification or more evidence.
The CMVP will not provide comments for reports that will not be published. Reports that do not meet the criteria for publication will be deleted. Do not submit confidential business information, or otherwise sensitive or protected information. Reports that are published will be published as-is with all comments and responses in an accompanying document. Submitters will be notified by e-mail of the review results and when a report is published. There will not be a notification sent to a submitter if a report is not selected for publication.
The report and comments will be published on the NIST CSRC website.
Submissions must be one self-contained report as a “.docx” or “.pdf”, with the subject line “Entropy Assessment Report Case Study” to the following email address example-90b-reports@nist.gov by the following date: February 15, 2022. Along with the submission there will be an acknowledgement of permission to disclose the information in the report. Submitters may withdraw their report at any time. This can be done by sending an email to example-90b-reports@nist.gov. The CMVP will start reviewing and publishing reports immediately. NIST will publish representative examples of entropy reports from submissions received, and does not guarantee review or publication of any given submission.
Statement on IP from the submitters:
The submitters represent and warrant that they own, have licensed or otherwise have the right to disclose all intellectual property (IP) contained in this document. We grant NIST permission to publish this document along with all comments and communications pertaining to it.
As of August 10, 2021, the entropy caveats can be applied to a FIPS 140-2 entropy assessment report submission. The following email sent to the labs provides the full information about the caveats. The SP 800-90B SHALL Statement spreadsheet discusses which requirements are allowed for a caveat.
Dear CST Labs,
In response to feedback from the recent Entropy Source Validation Workshop, as well as specific requests to move the deadline for mandatory compliance to NIST SP 800-90B, the CMVP has decided to allow provisional validation of FIPS 140-2 modules with entropy sources that do not meet all the requirements of NIST SP 800-90B. Instead, they will only need to meet a subset of the requirements in SP 800-90B. We will publish a table of all the requirements (i.e., all SHALL statements) extracted from SP 800-90B and indicate which of these are still required and which are optional.
Conditions on these provisional validations are as follows:
The first draft of the SP 800-90B requirements table will be published next week for feedback and comment.
Please be advised that though we will validate FIPS 140-2 modules with entropy sources that meet these provisional requirements, the CMVP continues to strongly recommend full compliance with SP 800-90B.
Best regards,
The CAVP and CMVP Teams
Security and Privacy: cryptography, testing & validation
Technologies: hardware, software & firmware