ESV, 90C AND CC (B20b)
This talk examines the certification of Random Bit Generators (RBGs) for cryptographic applications from a vendor and lab perspective. The discussion begins with vendor questions about certifying entropy sources per NIST SP 800-90B RBGs. The talk will then describe new certification requirements for NIST SP 800-90C RBG constructions based on actual submissions. The core of the talk provides a walkthrough of the entropy source model and then Entropy Source Validation (ESV) process as mandated by NIST SP 800-90B, with a focus on CPU jitter-based entropy generation. The talk then reviews new certification based on the recently published NIST SP 800-90C document “Recommendation for Random Bit Generator (RBG) Constructions”, describing testing requirements, methods and examples essential for FIPS 140-3 and Common Criteria / NIAP submissions. Additionally, the talk explores Post-Quantum Cryptography (PQC) implications for entropy and RBG requirements based on a review of NIST standardized algorithms. This includes examining how PQC cryptographic schemes will impact entropy consumption patterns, the increased randomness requirements for larger key sizes, and the need for enhanced entropy source validation to support quantum-resistant cryptographic implementations.