I wrote:
> FIPS 140 will not allow *any* hardware pure noise source to be used by
> itself as a random number/bit source. Instead, such a source MUST be
> fed into a DRBG from which any internal random data is taken.

To clarify, by "pure noise source", I meant such as a forward biased silicon PN junction amplified, or a continuous current measurement through a lava lamp (:-), or an RF tuner tuned to some frequency not occupied by any known transmitter. All these things produce random noise, but their output cannot be used directly. Instead it may be used as input to a PRNG. This is sometimes (not always) called a "seed", or "additional input" to the PRNG.

You can feed any noise from any source you want into a FIPS 140 token as "additional input" into its PRNG. PKCS#11 has a function with the word "seed" in the name, which is actually "additional input" as that term is defined in NIST SP 800-90. Nothing at all prevents you from feeding RNG output from one token into that function for another PKCS#11 token.
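
The "noise as additional input" arrangement described in the message above, as an added example that is not part of the original post and is not NSS or PKCS#11 code: a minimal HMAC_DRBG in the style of NIST SP 800-90A (SHA-256, with no reseed counter or length checks). The seed, the noise samples and the `token_a`/`token_b` names are constructed for illustration.

```python
import hashlib
import hmac


class HmacDrbg:
    """HMAC_DRBG (SP 800-90A style) with SHA-256; no reseed or limit checks."""

    def __init__(self, entropy: bytes, nonce: bytes = b""):
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        self._update(entropy + nonce)

    def _hmac(self, key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, data: bytes) -> None:
        # Fold the provided data into the internal state (K, V).
        self.K = self._hmac(self.K, self.V + b"\x00" + data)
        self.V = self._hmac(self.K, self.V)
        if data:
            self.K = self._hmac(self.K, self.V + b"\x01" + data)
            self.V = self._hmac(self.K, self.V)

    def generate(self, n: int, additional_input: bytes = b"") -> bytes:
        # Noise enters only here, mixed into the state; it is never emitted.
        if additional_input:
            self._update(additional_input)
        out = b""
        while len(out) < n:
            self.V = self._hmac(self.K, self.V)
            out += self.V
        self._update(additional_input)
        return out[:n]


def demo() -> dict:
    seed = bytes(range(32))     # constructed: stands in for the token's own seed
    stuck_noise = b"\x00" * 64  # constructed: a failed noise source stuck at zero
    good_noise = hashlib.sha256(b"constructed noise sample").digest()

    plain = HmacDrbg(seed).generate(32)
    with_stuck = HmacDrbg(seed).generate(32, stuck_noise)
    with_good = HmacDrbg(seed).generate(32, good_noise)

    # Output of one generator fed as additional input to a second one.
    token_a = HmacDrbg(b"A" * 32)
    token_b = HmacDrbg(b"B" * 32)
    cross = token_b.generate(32, token_a.generate(32))
    return {"plain": plain, "with_stuck": with_stuck,
            "with_good": with_good, "cross": cross}
```

Even the stuck-at-zero noise sample never appears in the output; it only perturbs the state that the generator's own seed established.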