- 4 -
C.1 The applicant must at least specify:
(i) The desired functionality class (P1, P2) with the strength of mechanisms (ITSEC)
and functions (CC).
(iia) Information about the TRNG’s structure and mode of functioning, together with
the specification form and specification depth required for the evaluation level, must
be provided in the detailed design from ITSEC E2 and in the low level design as of CC
EAL 4 in accordance with ADV_LLD.1. For ITSEC E1, the applicant must state the
TRNG’s structure and mode of functioning as part of the proof of the strength of
mechanisms in accordance with [JIL], Section 6.5.
(iib) As of ITSEC E3 under implementation or for CC EAL5 under ATE_DPT.2 tests:
Low-level design, the applicant must supply proof of the statistical tests in line with
the intended functionality class.
(iii) A clear description of how the noise signal is generated, together with an
explanation of why a digitised random noise signal is to be induced in this way.
+ additional specifications listed in subsection f) of the corresponding functionality
class.
C.2 Delimitation of the tagrget of evaluation TRNG:
A deterministic random number generator (DRNG) is given a seed by an external
source and uses the state function to calculate a sequence of internal states. An image
of this sequence generated using the output function is output (random number
sequence). The overall entropy of the output sequence lies in the initial value. The
overall entropy of a sequence of internal random numbers generated by a TRNG, on
the other hand, increases with each random number. TRNGs are based on physical
random processes, the observed analogue variables of which are prepared for digital
processing. Processes that are digitised in all their parameters (time, level, etc.), i.e.
limited to a finite number of states, will generally have deterministic behaviour and be
regarded as DRNGs.
The following diagram visualises the essential parts of TRNGs and DRNGs as well as
seed generation for DRNGs as a possible application for TRNGs. It represents the
typical sequential processing of the signals. Network structures, for example a mixture
of different analogue noise sources and post-worked signals that are already digitised,
are basically possible but render the analysis more complicated and costly (e.g.
decomposition). Mathematical post-processing of the digitised noise signals is
optional. If it is not performed, the digitised noise signals agree with the internal
random numbers.
评论0