BIVBlog #29: Existing randomness test suites

Once upon a long ago I thought that the most reasonable approach to test my hardware random number generator was to use tests that other people have written, so I’d avoid testing my own stuff and missing some critical mistake. Well, things didn’t quite turn out as I expected…


Table of Contents

00:00:30 The Linux rng-tools, and rngtest
00:02:00 … showing heaps of errors
00:04:02 … due to the way the tests work
00:06:15 Why the NIST FIPS-140 tests are inherently suspicious
00:11:45 Weaknesses in the Linux kernel cryptographic pseudo random number generator
00:13:27 The dieharder test suite
00:23:45 State-of-the-art cryptographic pseudo random number generators from ten years ago
00:24:20 News from my hardware random number generator project

References

Schneier on Security: Insecurities in the Linux /dev/random

About

Long term IPv6 evangelist/book author/trainer/consultant and generic Unix guy (*BSD, Linux, Solaris, and about a dozen more).
