[Gaithersburg, MD] : , : [U.S. Dept. of Commerce, Technology Administration, National Institute of Standards and Technology], , [2001]

xi, 153 pages : digital, PDF file

NIST special publication ; ; 800-22

RukhinAndrew L

BasshamLawrence E

Random number generators

Statistical hypothesis testing

Computer security

Data encryption (Computer science)

Inglese

Title from title screen (viewed on July 24, 2006).

"With revisions dated May 15, 2001."

Includes bibliographical references (page G-1).

This paper discusses some aspects of selecting and testing random and pseudorandom number generators. The outputs of such generators may be used in many cryptographic applications, such as the generation of key material. Generators suitable for use in cryptographic applications may need to meet stronger requirements than for other applications. In particular, their outputs must be unpredictable in the absence of knowledge of the inputs. Some criteria for characterizing and selecting appropriate generators are discussed in this document. The subject of statistical testing and its relation to cryptanalysis is also discussed, and some recommended statistical tests are provided. These tests may be useful as a first step in determining whether or not a generator is suitable for a particular cryptographic application. However, no set of statistical tests can absolutely certify a generator as appropriate for usage in a particular application, i.e., statistical testing

cannot serve as a substitute for cryptanalysis. The design and cryptanalysis of generators is outside the scope of this paper.