ISO/IEC 20543:2019 信息技术 安全技术 ISO/IEC 19790和ISO/IEC 15408内随机位发生器的试验和分析方法

标准编号：ISO/IEC 20543:2019

中文名称：信息技术 安全技术 ISO/IEC 19790和ISO/IEC 15408内随机位发生器的试验和分析方法

英文名称：Information technology — Security techniques — Test and analysis methods for random bit generators within ISO/IEC 19790 and ISO/IEC 15408

发布日期：2019-10

标准范围

本文档规定了用于评估用于密码应用的非确定性或确定性随机比特发生器的方法。本文件中给出的规定使RBG的供应商能够向评估机构提交明确定义的安全性声明，并应使评估者或测试者（例如验证机构）能够评估、测试、认证或拒绝这些声明。本文档与实现无关。因此，它没有为随机比特发生器的设计和实现决策提供具体的指导。然而，设计和实现问题影响本文档中RBG的评估，例如，因为它需要使用随机源的随机模型，并且因为任何这样的模型都由与手头设备的设计相关的技术论点支持。本文档中评估的随机位生成器旨在输出看起来均匀分布的位串。然而，取决于消费应用程序所需的随机数的分布，值得注意的是，对于消费应用程序来说，将由RBG产生的随机比特串转换成适合于应用程序要求的分布的随机数可能需要额外的步骤(并且对于安全性很可能是关键的)。此类后续转换超出了本文档中执行的评估范围。

This document specifies a methodology for the evaluation of non-deterministic or deterministic random bit generators intended to be used for cryptographic applications. The provisions given in this document enable the vendor of an RBG to submit well-defined claims of security to an evaluation authority and shall enable an evaluator or a tester, for instance a validation authority, to evaluate, test, certify or reject these claims.
This document is implementation-agnostic. Hence, it offers no specific guidance on design and implementation decisions for random bit generators. However, design and implementation issues influence the evaluation of an RBG in this document, for instance because it requires the use of a stochastic model of the random source and because any such model is supported by technical arguments pertaining to the design of the device at hand.
Random bit generators as evaluated in this document aim to output bit strings that appear evenly distributed. Depending on the distribution of random numbers required by the consuming application, however, it is worth noting that additional steps can be necessary (and can well be critical to security) for the consuming application to transform the random bit strings produced by the RBG into random numbers of a distribution suitable to the application requirements. Such subsequent transformations are outside the scope of evaluations performed in this document.

标准预览图