U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

NIST SP 800-90C (3rd Public Draft)

Recommendation for Random Bit Generator (RBG) Constructions

Date Published: September 7, 2022
Comments Due: December 7, 2022 (public comment period is CLOSED)
Email Questions to: rbg_comments@nist.gov

Author(s)

Elaine Barker (NIST), John Kelsey (NIST), Kerry McKay (NIST), Allen Roginsky (NIST), Meltem Sönmez Turan (NIST)

Announcement

The NIST SP 800-90 series of documents supports the generation of high-quality random bits for cryptographic and non-cryptographic use. SP 800-90A specifies several deterministic random bit generator (DRBG) mechanisms based on cryptographic algorithms. SP 800-90B provides guidance for the development and validation of entropy sources. SP 800-90C specifies constructions for the implementation of random bit generators (RBGs) that include DRBG mechanisms as specified in SP 800-90A and that use entropy sources as specified in SP 800-90B.

This draft includes constructions for three classes of RBGs:

  • An RBG1 construction provides random bits from a device that is initialized from an external RBG.
  • An RBG2 construction includes an entropy source that is available on demand.
  • An RBG3 construction includes an entropy source that is continuously accessed to provide output with full entropy.

SP 800-90C includes a note to readers, guidance for accessing and handling the entropy sources in SP 800-90B, specifications for the initialization and use of the three RBG constructions that incorporate the DRBGs from SP 800-90A, and guidance on health testing and implementation validation using NIST's Cryptographic Algorithm Validation Program (CAVP) and the Cryptographic Module Validation Program (CMVP) that is jointly operated by NIST and the Canadian Centre for Cyber Security (CCCS).

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

An initial public draft of an associated document, NIST IR 8427, Discussion on the Full Entropy Assumption of the SP 800-90 Series, is also available for public comment.

Abstract

Keywords

deterministic random bit generator (DRBG); entropy; entropy source; random bit generator (RBG); randomness source; RBG1 construction; RBG2 construction; RBG3 construction; subordinate DRBG (sub-DRBG)
Control Families

System and Communications Protection

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.800-90C.3pd
Download URL

Supplemental Material:
Comments received (pdf)

Other Parts of this Publication:
SP 800-90A Rev. 1
SP 800-90B

Related NIST Publications:
IR 8427 (Draft)

Document History:
09/05/12: SP 800-90C (Draft)
04/13/16: SP 800-90C (Draft)
09/07/22: SP 800-90C (Draft)

Topics

Security and Privacy

random number generation