U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Projects Cryptographic Module Validation Program Entropy Validations

Cryptographic Module Validation Program CMVP

Entropy Validation Announcements

Guidelines and templates are now available on the Entropy Validation Documents webpage. 

  • Entropy Assessment Report Template v1.0
  • Entropy Validation Submission Guidelines
  • Module Submission Guidelines When Including an ESV
  • Entropy Validation Certificate Public Use Document Template
The Entropy Source Validation (ESV) is now online! Check out the Entropy Validations Roadmap for key dates as CMVP transitions from ENT to ESV.

The Entropy Source Validation Test Server is available in our Demo environment. Anybody may access this server to learn about ESVTS and how to use the system. Information on the protocol and how to access the server is available here: https://github.com/usnistgov/ESV-Server.

 

NIST has created a web client to make submitting entropy validation requests easier. You will still need a certificate to access that page. Information on how to import your certificate into a browser is available here: https://github.com/usnistgov/ESV-Server/wiki/Importing-Certificates-into-Chrome-for-Windows-and-MacOS.

 

NIST has also created a Python client to interact with the server. This will offer more detailed responses from the server in addition to more fine-tuned access to the data created. This will be available on the same GitHub page shortly.

 

If you notice any issues while using the server or clients, please let us know by creating an issue on GitHub. We will be monitoring the board closely as we launch ESVTS.

 

NIST Handbook 150-17 is under review now and will be published soon (1-2 months). It will include the new accreditation scope 17ESV. This accreditation will be required at the earliest the first day of FY24 in order to submit entropy sources to the CMVP.

 

If there aren’t any major issues identified on the Demo release of ESVTS, we will be launching the Prod environment very soon. Only currently accredited 17CM labs may request access to this server. With this, the standalone Entropy Source Validation Certificate List will begin. These entropy sources may be referenced by certificate number in multiple modules without the need to recertify the entropy source. With the Prod environment available, we will allow entropy sources to be validated as part of a module until the first day of FY23. After that point, all entropy sources must be validated independently from the module through ESVTS.

 

You may request access to the Prod environment by sending the same Demo environment request email and CSR to esv-prod@nist.gov starting on 3/28/22. An announcement will be made when the Prod server is available for users.

With the publication of NIST SP 800-90B, “Recommendation for the Entropy Sources Used for Random Bit Generation”, in 2018, requirements on entropy sources in FIPS 140 modules are considerably more comprehensive than before. Vendors and accredited CST labs have asked the CMVP to provide guidance in the form of examples on how to meet the requirements listed in SP 800-90B for particular entropy sources. Some of this can be done using published entropy source designs, such as those in the academic literature. However, more realistic and complete examples require an actual working entropy source along with a corresponding entropy report for that source.

The CMVP is soliciting reports demonstrating compliance of an entropy source with SP 800-90B that can be published as examples. These will be outside of the validation process; that is, they will not receive a validation by going through this process. In order to be considered for publication, these reports must:

  • Address all the requirements in SP 800-90B (some may be N/A depending on the type of entropy source).

  • Correspond to a working entropy source. Raw noise samples for the initial assessment and the restart tests, as well as output samples from any non-vetted conditioning component, must be collected from an instance of the entropy source.

  • Cover only topics directly concerning SP 800-90B conformance of the entropy source. For example, they should not address requirements of other standards, nor should they address related but out-of-scope topics such as DRBGs or RBG constructions, except where necessary to provide context.

  • Concisely cite or summarize supporting evidence from outside documents, such as conference or journal articles, textbooks, product specifications etc., and reference them appropriately.

We will select up to five reports for publication. Criteria for selection are:

  • Prevalence of entropy source, especially the underlying noise source.

  • At least one physical and one non-physical entropy source.

  • Overall report quality, including rigor, completeness, clarity and conciseness.

For each report we select, NIST and CCCS CMVP reviewers will provide comments on the evidence provided for each requirement. This includes a determination of whether the evidence as presented is acceptable as well as commentary, e.g., minimally acceptable, more than necessary, suggestions for improvement, etc. Submitters will have the opportunity to respond to the initial reviewer comments with clarification or more evidence.

The CMVP will not provide comments for reports that will not be published. Reports that do not meet the criteria for publication will be deleted. Do not submit confidential business information, or otherwise sensitive or protected information. Reports that are published will be published as-is with all comments and responses in an accompanying document. Submitters will be notified by e-mail of the review results and when a report is published. There will not be a notification sent to a submitter if a report is not selected for publication. 

The report and comments will be published on the NIST CSRC website.

Submissions must be one self-contained report as a “.docx” or “.pdf”, with the subject line “Entropy Assessment Report Case Study” to the following email address example-90b-reports@nist.gov by the following date: February 15, 2022. Along with the submission there will be an acknowledgement of permission to disclose the information in the report. Submitters may withdraw their report at any time. This can be done by sending an email to example-90b-reports@nist.gov. The CMVP will start reviewing and publishing reports immediately. NIST will publish representative examples of entropy reports from submissions received, and does not guarantee review or publication of any given submission.

Statement on IP from the submitters:

The submitters represent and warrant that they own, have licensed or otherwise have the right to disclose all intellectual property (IP) contained in this document. We grant NIST permission to publish this document along with all comments and communications pertaining to it.

As of August 10, 2021, the entropy caveats can be applied to a FIPS 140-2 entropy assessment report submission. The following email sent to the labs provides the full information about the caveats. The SP 800-90B SHALL Statement spreadsheet discusses which requirements are allowed for a caveat. 

Dear CST Labs,

In response to feedback from the recent Entropy Source Validation Workshop, as well as specific requests to move the deadline for mandatory compliance to NIST SP 800-90B, the CMVP has decided to allow provisional validation of FIPS 140-2 modules with entropy sources that do not meet all the requirements of NIST SP 800-90B.  Instead, they will only need to meet a subset of the requirements in SP 800-90B.  We will publish a table of all the requirements (i.e., all SHALL statements) extracted from SP 800-90B and indicate which of these are still required and which are optional.

Conditions on these provisional validations are as follows:

  • They are only available for entropy sources in a FIPS 140-2 module.
  • The module’s validation certificate will be marked with a caveat: “CAVEAT: The module’s entropy source does not meet all the requirements of NIST SP 800-90B.”
  • The entropy source is bound to the FIPS 140-2 module validation and not eligible for the following:
    • Conversion to a stand-alone entropy source validation (when this becomes available for SP 800-90B-compliant entropy sources at a future date TBD).
    • Use in a compliant SP 800-90C RBG construction (SP 800-90C is still in draft).
  • They are listed on the module’s validation certificate as a non-approved but allowed “NDRNG”.

The first draft of the SP 800-90B requirements table will be published next week for feedback and comment.

Please be advised that though we will validate FIPS 140-2 modules with entropy sources that meet these provisional requirements, the CMVP continues to strongly recommend full compliance with SP 800-90B.

Best regards,

The CAVP and CMVP Teams

All FIPS 140-2 and FIPS 140-3 submissions are required to provide justification of conformance to SP 800-90B if applicable.

 

Contacts

Beverly Trapnell - NIST CMVP Program Manager
cmvp@nist.gov

Carolyn French - CCCS CMVP Program Manager
CMVP@cyber.gc.ca

Topics

Security and Privacy: cryptography, testing & validation

Technologies: hardware, software & firmware

Created October 11, 2016, Updated October 26, 2022