The tests for RNG are described in FIPS PUB 140-2 from page 33 (section 4.9 Self-Tests). These are self-test that a FIPS 140 complant device (hardware or software) must (at least for Security Level 3+) pass on each startup (and on-demand for Security Level 4).
It includes: a. The monobit test; b. The poker test; c. The runs test; and d. The long runs test, runned on a sample of 20,000 bits. Link: http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf Sebastien Pouliot Security Architect, Motus Technologies, http://www.motus.com/ work: [EMAIL PROTECTED] home: [EMAIL PROTECTED] ----- Original Message ----- From: "Sebastien Pouliot" <[EMAIL PROTECTED]> To: "mono-list" <[EMAIL PROTECTED]> Cc: "Mark Crichton" <[EMAIL PROTECTED]> Sent: Saturday, October 05, 2002 11:45 AM Subject: [Mono-list] RNG > Hi Mark, > > > The RNG code works on Linux, should work on BSDs, maybe Solaris, and > > won't work on Win32. I'm still a tad confused by the CryptAPI for > > windows. If you know how to use it to get strong random numbers, have > > at it... > > I have work many times with CryptoAPI, both low-level (developing a smart > card CSP, certificate revocation) and high-level (end-user application) so I > should have no problem implementing RNG on top of it. > > If I remember correctly there are some RNG tests specified in either FIPS > 140 or 186 (been some time). They would make great unit tests so I'll find a > link to that too. > > > Mark > > Sebastien Pouliot > Security Architect, Motus Technologies, http://www.motus.com/ > work: [EMAIL PROTECTED] > home: [EMAIL PROTECTED] _______________________________________________ Mono-list maillist - [EMAIL PROTECTED] http://lists.ximian.com/mailman/listinfo/mono-list
