• 基础
• 概要
• 类型

基础

NIST SP

Recommendation for Random Number Generation Using Deterministic Random Bit Generators

non-deterministic random bit generators (NRBGs) 纯物理实现，不可预测

Deterministic Random Bit Generators (DRBGs) 使用算法生成

概要

初始化，reseed，生成随机数

{ internal state value, entropy input, additional input (optional) } => seed

initial_working_state = Instantiate_algorithm ( entropy_input , nonce , personalization_string, security_strength).

DRBG Instantiation : initialize with seed1 -> reseed with seed2 -> ...

Reseed_function ( state_handle, prediction_resistance_request, additional_input )

prediction_resistance_request:  ( status , entropy_input) = Get_entropy_input ( security_strength , min_length , max_length)

Generate_function ( state_handle, requested_number_of_bits, requested_security_strength , prediction_resistance_request, additional_input)

类型

Hash_DRBG : hash函数用于instantiate, reseed and generate functions; 注意每次只使用同一种hash函数。

HMAC_DRBG : HMAC函数用于instantiate, reseed and generate functions; 注意有一个HMAC_DRBG_Update更新K, V；而K, V是用于hmac生成随机数的输入参数。

DRBG Mechanism Based on Block Ciphers

CTR_DRBG uses an approved block cipher algorithm in the counter mode，注意CTR_DRBG也有CTR_DRBG_Update更新K，V。而K，V是用于aes之类的算法生成随机数的输入参数。

Dual_EC_DRBG 由于后门问题，业界不推荐使用。

Published

Tags

• random 2
• drbg 1

Share On

• twitter


• weibo


• reddit


• linkedin