Entropy Source Validation Testing
What atsec offers
The CMVP requires that all FIPS 140-2 and FIPS 140-3 module validation submissions include documentation justifying conformance to SP 800-90B if applicable. SP 800-90B, along with FIPS 140-2 Implementation Guidance (IG) documents 7.18, 7.19, and 7.20 and corresponding FIPS 140-3 IGs D.J, D.K, and D.O, outline the requirements for an entropy source to be included in a FIPS-approved cryptographic module.
This involves statistical analysis of raw entropy data (one million samples) collected from a continuous run of the noise source, as well as raw entropy data (another million samples) collected by concatenating 1,000 samples after a restart of the noise source with a total of 1,000 restarts. The design and operation of the noise source needs to be documented and reviewed.
atsec offers ESV testing as an accredited laboratory (NVLAP Lab code #200658).
The following entropy source implementations were tested by the atsec laboratory:
Vendor Implementation |
Certificate Date |
---|---|
Amazon Web Services, Inc. AWS-LC CPU Time Jitter RNG Entropy Source |
E77 2023-09-14 |
Cloudlinux Inc., TuxCare division OpenSSL FIPS provider CPU Time Jitter RNG Entropy Source |
E76 2023-09-08 |
Cloudlinux Inc., TuxCare division Kernel CPU Time Jitter RNG Entropy Source |
E75 2023-09-08 |
F5, Inc. CPU Jitter RNG |
E74 2023-09-07 |
Qualcomm Technologies, Inc. Entropy Source of the Qualcomm(R) Pseudo Random Number Generator |
E67 2023-09-01 |
Canonical Ltd. Canonical OpenSSL FIPS Provider CPU Time Jitter Entropy Source |
E62 2023-08-08 |
Oracle Corporation UEK7 CPU Time Jitter RNG Entropy Source |
E61 2023-08-08 |
Canonical Ltd. Userspace CPU Time Jitter RNG Entropy Source |
E60 2023-08-08 |
Canonical Ltd. Canonical Kernel CPU Time Jitter Entropy Source |
E59 2023-08-08 |
Intel Corporation Intel DRNG Entropy Source |
E57 2023-07-21 |
Red Hat, Inc. RHEL Kernel CPU Time Jitter RNG Entropy Source |
E54 2023-06-20 |
Juniper Networks, Inc. Kernel CPU Time Jitter RNG |
E50 2023-06-02 |
Red Hat, Inc. RHEL OpenSSL FIPS provider CPU Time Jitter Entropy source |
E48 2023-05-16 |
Red Hat, Inc. Userspace CPU Time Jitter RNG Entropy Source |
E47 2023-05-16 |
Oracle Corporation Kernel CPU Time Jitter RNG Entropy Source |
E37 2023-04-03 |
SUSE LLC Libgcrypt CPU Time Jitter RNG |
E31 2023-03-30 |
SUSE LLC Userspace Standalone CPU Time Jitter RNG (32-bit with external timer) |
E30 2023-03-30 |
SUSE LLC Userspace Standalone CPU Time Jitter RNG (64-bit with external timer) |
E29 2023-03-22 |
SUSE LLC Userspace Standalone CPU Time Jitter RNG (64-bit with internal timer) |
E28 2023-03-22 |
Nokia Nokia Jitter Entropy (JENT) |
E26 2023-03-21 |
SUSE LLC Userspace Standalone CPU Time Jitter RNG (32-bit with internal timer) |
E22 2023-03-08 |
SUSE LLC Kernel-RT CPU Time Jitter RNG |
E20 2023-02-13 |
SUSE LLC Kernel CPU Time Jitter RNG |
E19 2023-01-25 |
F5, Inc. CPU Jitter RNG |
E16 2023-01-25 |
Apple Inc. Apple corecrypto v11.1 non-physical entropy source |
E15 2023-01-19 |
Apple Inc. Apple corecrypto v11.1 physical entropy source |
E14 2023-01-19 |
IBM IBM Capri ASIC Entropy Source |
E9 2022-12-16 |
Red Hat, Inc. Kernel CPU Time Jitter RNG Entropy Source |
E8 2022-12-02 |