From housley@vigilsec.com Fri Feb 15 08:53:56 2013 Return-Path: X-Original-To: saag@ietfa.amsl.com Delivered-To: saag@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 028D921F8803 for ; Fri, 15 Feb 2013 08:53:56 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -102.599 X-Spam-Level: X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100] Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NzVX-seSjqIa for ; Fri, 15 Feb 2013 08:53:54 -0800 (PST) Received: from odin.smetech.net (mail.smetech.net [208.254.26.82]) by ietfa.amsl.com (Postfix) with ESMTP id 1A4AA21F851C for ; Fri, 15 Feb 2013 08:53:54 -0800 (PST) Received: from localhost (unknown [208.254.26.81]) by odin.smetech.net (Postfix) with ESMTP id 374D09A4002 for ; Fri, 15 Feb 2013 11:54:13 -0500 (EST) X-Virus-Scanned: amavisd-new at smetech.net Received: from odin.smetech.net ([208.254.26.82]) by localhost (ronin.smetech.net [208.254.26.81]) (amavisd-new, port 10024) with ESMTP id X1m1Snn7WIMr for ; Fri, 15 Feb 2013 11:53:32 -0500 (EST) Received: from [192.168.8.119] (unknown [207.87.202.130]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 11F419A400D for ; Fri, 15 Feb 2013 11:54:07 -0500 (EST) From: Russ Housley Content-Type: multipart/alternative; boundary=Apple-Mail-261-387937919 Date: Fri, 15 Feb 2013 11:53:47 -0500 References: To: IETF SAAG Message-Id: Mime-Version: 1.0 (Apple Message framework v1085) X-Mailer: Apple Mail (2.1085) Subject: [saag] Fwd: Use of full entropy in NIST Special Pub 800-90 series X-BeenThere: saag@ietf.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Security Area Advisory Group List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Feb 2013 16:53:56 -0000 --Apple-Mail-261-387937919 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=windows-1252 FYI Begin forwarded message: > From: "Caswell, Sara J." > Date: February 14, 2013 1:05:59 PM EST > To: "housley@vigilsec.com" > Subject: Use of full entropy in NIST Special Pub 800-90 series >=20 > NIST is in the process of adjudicating all comments received during = the SP 800-90B and SP 800-90C public comment period. In doing so, it = has been determined that the concept of full entropy as used in these = Special Publications only serves to confuse the entropy discussion. For = example, since true full entropy cannot be measured, the attempts to = draw a distinction between 0.9999668 bits of min-entropy per bit output = and full entropy do not provide meaningful results. As a result, a = decision was made to remove full entropy from the documents. This has = the following impact: >=20 > =B7 NIST SP 800-90A will be revised to remove references to = full entropy sources. > =B7 NIST SP 800-90B will focus on the components and = evaluation of entropy sources. The validation tests provided will all = produce a min-entropy estimate. No additional qualifiers (such as =93full= entropy=94) will be provided, since the entropy estimate is the only = result needed. > =B7 NIST SP 800-90C will no longer include the XOR NRBG = Construction. It will contain the other RBG constructions, along with a = description of how to use a validated entropy source (i.e., a guide = explaining how to use the entropy source to get the entropy needed, = given the entropy estimate).=20 >=20 > SP 800-90A and the initial drafts of SP 800-90B and C are available at = http://csrc.nist.gov/publications/PubsSPs.html. >=20 > NIST believes that this change will result in clearer, more useable = documentation. Please send any comments or concerns to = rbg_comments@nist.gov by March 1, 2013 using =93Comments on Full = Entropy=94 in the subject line. >=20 --Apple-Mail-261-387937919 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=windows-1252
From: "Caswell, Sara J." = <sara.caswell@nist.gov>
Date: February 14, 2013 1:05:59 PM EST
Subject: Use of full = entropy in NIST Special Pub 800-90 series

=B7 NIST = SP 800-90A will be revised to remove references to full entropy = sources.

=B7 NIST = SP 800-90B will focus on the components and evaluation of entropy = sources.  The validation tests provided will all produce a = min-entropy estimate.  No additional qualifiers (such as =93full = entropy=94) will be provided, since the entropy estimate is the only = result needed.

=B7 NIST = SP 800-90C will no longer include the XOR NRBG Construction.  It = will contain the other RBG constructions, along with a description of = how to use a validated entropy source (i.e., a guide explaining how to use the entropy source to get the entropy = needed, given the entropy estimate). 

SP 800-90A and the initial = drafts of SP 800-90B and C are available at NIST believes that this change = will result in clearer, more useable documentation.  Please send = any comments or concerns to  by March 1, 2013 using = =93Comments on Full Entropy=94 in the subject = line.


= --Apple-Mail-261-387937919--