* Posts by Grizzled2much

1 publicly visible post • joined 8 Jul 2021

Kaspersky Password Manager's random password generator was about as random as your wall clock

Grizzled2much

DRBGs & TRNGs

Incorrect NIST publication cited.

There are three related and somewhat overlapping NIST Special Publications, all SP 800-90*:

* 90A covers the need for quality DRBGs and outlines the NIST-approved high-level designs
* 90B looks at the sources of entropy that are available to seed a DRBG
* 90C provides pseudocode realisations of the designs presented in 90A

Accordingly, SP 800-90B does not provide any assessment criteria for either:

* DRBG
* TRNG used as seed for DRBG

The quality of the output of a DRBG design should be measured by a suite of statistical tests such as 'Dieharder'.

However, a minimised yet statistically meaningful subset of such tests should be executed on every DRBG instance on every power-up as a 'health test'.
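
A power-up health test of the kind the post describes, as an added example that is not part of the original post: it runs the frequency (monobit) and runs tests from NIST SP 800-22 on one sample of generator output. The choice of tests, the 20,000-bit sample, the 1e-6 threshold and the four constructed generators are assumptions.

```python
import hashlib
import math
import random

ALPHA = 1e-6         # assumed false-alarm rate per test
SAMPLE_BYTES = 2500  # assumed sample size: 20,000 bits drawn at power-up

def to_bits(data):
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]

def monobit_p(bits):
    """Frequency test: are ones and zeros roughly balanced?"""
    s = sum(2 * b - 1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(2 * len(bits)))

def runs_p(bits):
    """Runs test: does the output flip between 0 and 1 at the expected rate?"""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):
        return 0.0  # prerequisite frequency check failed
    v = 1 + sum(a != b for a, b in zip(bits, bits[1:]))
    return math.erfc(abs(v - 2 * n * pi * (1 - pi))
                     / (2 * math.sqrt(2 * n) * pi * (1 - pi)))

def power_up_health_test(generate):
    """Draw one sample from generate(nbytes) and report pass/fail per test."""
    bits = to_bits(generate(SAMPLE_BYTES))
    return {"monobit": monobit_p(bits) >= ALPHA, "runs": runs_p(bits) >= ALPHA}

# Constructed sample generators (stand-ins for illustration, not real DRBGs).
def stuck_at_zero(n):
    return bytes(n)

def alternating(n):
    return b"\x55" * n  # 0101... is perfectly balanced but has far too many runs

def hash_counter(n):
    blocks = (hashlib.sha256(b"constructed-seed" + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def clock_seeded(n):
    # Mersenne Twister seeded with a constructed Unix timestamp
    return random.Random(1625702400).getrandbits(8 * n).to_bytes(n, "big")

if __name__ == "__main__":
    for gen in (stuck_at_zero, alternating, hash_counter, clock_seeded):
        print(gen.__name__, power_up_health_test(gen))
```

The clock-seeded generator passes both checks: tests of this kind catch stuck or biased output, not a guessable seed.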