bsi发布的ais31Functionalityclassesforrandomnumbergenerators

需积分: 50 18 浏览量更新于2023-03-16 评论收藏 2.71MB PDF 举报

身份认证购VIP最低享 7 折!

领优惠券(最高得80元）

资源详情

资源评论

资源推荐

A proposal for: Functionality classes for random number generators

18 September 2011 AIS 20 / AIS 31 page 1

Wolfgang Killmann

T-Systems GEI GmbH, Bonn

Werner Schindler

Bundesamt für Sicherheit in der Informationstechnik (BSI), Bonn

A proposal for:

Functionality classes for random number generators

Version 2.0

18 September 2011

The authors wish to express their thanks for the numerous comments, suggestions and notes that have been

incorporated into this document.

A proposal for: Functionality classes for random number generators

18 September 2011 AIS 20 / AIS 31 page 2

Table of contents

1. Introduction ............................................................................................................................... 7

1.1. Motivation ................................................................................................................................... 7

1.2. Abbreviations .............................................................................................................................. 8

1.3. Common Criteria (Abbreviations)............................................................................................... 8

1.4. Terminology ................................................................................................................................ 9

1.5. Symbols ..................................................................................................................................... 16

2. Basic Concepts ......................................................................................................................... 18

2.1. Randomness .............................................................................................................................. 18

2.1.1. Concept of Randomness and Random Experiments .............................................. 18

2.1.2. Random number generators (RNGs) ..................................................................... 19

2.2. Random Numbers in IT Security............................................................................................... 21

2.2.1. Usage of Random Numbers in IT Security ............................................................ 21

2.2.2. Basic considerations for RNG types ...................................................................... 23

2.2.3. Design Description of RNG ................................................................................... 24

2.3. Mathematical Background ........................................................................................................ 28

2.3.1. Random variables .................................................................................................. 28

2.3.2. Entropy and Guess Work ....................................................................................... 31

2.3.3. Random mappings ................................................................................................. 34

2.4. Stochastics and Statistical Analysis of Physical RNGs ............................................................. 36

2.4.1. Stochastic model .................................................................................................... 36

2.4.2. Overview of Statistical Tests ................................................................................. 41

2.4.3. Standard Statistical Tests ....................................................................................... 44

2.4.4. Test procedures ...................................................................................................... 54

2.4.5. Additional Statistical Tests .................................................................................... 57

3. Security Functional Requirements - Family FCS_RNG ...................................................... 61

3.1. Definition of FCS_RNG ............................................................................................................ 61

3.2. Security capabilities of RNG types ........................................................................................... 62

3.3. Rationale for definition of the extended component ................................................................. 66

4. Pre-defined RNG Classes ........................................................................................................ 67

4.1. Overview of pre-defined RNG classes ...................................................................................... 67

4.2. General Remarks (Exemplary applications, side-channel attacks, fault attacks) ...................... 71

4.3. Class PTG.1 ............................................................................................................................... 71

4.3.1. Security functional requirements for the RNG class PTG.1 .................................. 71

A proposal for: Functionality classes for random number generators

18 September 2011 AIS 20 / AIS 31 page 3

4.3.2. Application notes ................................................................................................... 72

4.4. Class PTG.2 ............................................................................................................................... 74

4.4.1. Security functional requirements for the RNG class PTG.2 .................................. 74

4.4.2. Application notes ................................................................................................... 75

4.4.3. Further aspects ....................................................................................................... 77

4.5. Class PTG.3 ............................................................................................................................... 79

4.5.1. Security functional requirements for the RNG class PTG.3 .................................. 79

4.5.2. Application notes ................................................................................................... 80

4.5.3. Further aspects ....................................................................................................... 82

4.6. Class DRG.1 .............................................................................................................................. 84

4.6.1. Security functional requirements for the RNG class DRG.1 ................................. 84

4.6.2. Application notes ................................................................................................... 84

4.6.3. Further aspects ....................................................................................................... 87

4.7. Class DRG.2 .............................................................................................................................. 88

4.7.1. Security functional requirements for the RNG class DRG.2 ................................. 88

4.7.2. Application notes ................................................................................................... 89

4.7.3. Further aspects ....................................................................................................... 89

4.8. Class DRG.3 .............................................................................................................................. 90

4.8.1. Security functional requirements for the RNG class DRG.3 ................................. 90

4.8.2. Application notes ................................................................................................... 91

4.8.3. Further aspects ....................................................................................................... 91

4.9. Class DRG.4 .............................................................................................................................. 91

4.9.1. Security functional requirements for the RNG class DRG.4 ................................. 91

4.9.2. Application notes ................................................................................................... 92

4.9.3. Further aspects ....................................................................................................... 93

4.10. Class NTG.1 .............................................................................................................................. 93

4.10.1. Security functional requirements for the NPTRNG class NTG.1 .......................... 93

4.10.2. Application notes ................................................................................................... 94

5. Examples .................................................................................................................................. 96

5.1. Guesswork for binomial distributed data .................................................................................. 96

5.2. Contingency tables .................................................................................................................... 99

5.3. Forward and backward secrecy ............................................................................................... 103

5.4. Examples of post-processing algorithms ................................................................................. 107

5.4.1. Von Neumann unbiasing ..................................................................................... 107

5.4.2. Xoring of non-overlapping segments of independent bits ................................... 108

A proposal for: Functionality classes for random number generators

18 September 2011 AIS 20 / AIS 31 page 5

Tables

Table 1: Attack potential, guessing probability and security bits .................................................... 22

Table 2: Attack potential and guessing passwords ............................................................................ 22

Table 3: Statistics of random mappings ............................................................................................. 34

Table 4: Statistics of random permutations ....................................................................................... 35

Table 5: Brief overview of error types of statistical tests .................................................................. 43

Table 6: Typical values of -distribution with 1 degree of freedom ............................................ 45

Table 7: Typical values of -distribution with degree of freedom d ............................................ 46

Table 8: Typical values of -distribution for runs ......................................................................... 47

Table 9: Typical values of Normal (Gaussian) N(0,1) for a two-sided test of

autocorrelation ........................................................................................................................ 50

Table 10: Parameters for entropy test ................................................................................................ 53

Table 11: Recommended parameter settings for the NIST test suite .............................................. 57

Table 12: Attack potential, Min-entropy, and recommended length of the internal

state ........................................................................................................................................... 85

Table 13: Requirements for the parameters in (DRG.1.3) depending on claimed

attack potential ........................................................................................................................ 87

Table 14: Work factor and work factor defect for uniform mappings with

equidistributed input ............................................................................................................. 111

Table 15: Probability for a noise alarm within a test suite and the expected number

of noise alarms per year for different distributions of the das-random

numbers .................................................................................................................................. 115

剩余132页未读，继续阅读

fengluop

粉丝: 0
资源: 3

会员权益专享

bsi发布的ais 31 Functionality classes for random number generators

评论0

会员权益专享

最新资源

bsi发布的ais 31 Functionality classes for random number generators

评论0

AIS31完整文档.doc

随机数质量标准，AIS31-EN

AIS中文的国际标准

BSI裸地指数在哨兵二卫星怎么计算

裸地指数BSI计算公式

org/bouncycastle/asn1/bsi/BSIObjectIdentifiers

MNDWI','NDBI','NDVI','EVI','BSI','IBI'

Caused by: java.lang.NoClassDefFoundError: org/bouncycastle/asn1/bsi/BSIObjectIdentifiers

Caused by: java.lang.ClassNotFoundException: org.bouncycastle.asn1.bsi.BSIObjectIdentifiers

bs8112a-3程序

pas2050最新版本

imx385 data sheet

基于dsp的垃圾识别回收系统的DSP芯片选择和其他主要芯片选择

imx294 开发资料

imx477datesheet

imx252datasheet

ov9282-preliminary-specification

imx577 datasheet

iso9001-2015质量管理体系认证全套程序文件下载

会员权益专享

最新资源