RE: [kmip] KMIP: RNG Proposals

[Tim Hudson <tjh@cryptsoft.com>]

Following up on the suggestion from Bob Burns that if NIST lists it in the validation list that is a good indication we should include it, I've taken another pass through the current list to pick up what we missed last time around and any other changes and to check to see what else I might have missed.

For the current NIST RNG validation lists there are the following items not covered in the current working draft:
    (None)
   
For the current NIST RNGVS there are the following testing items not covered in the current working draft:
    Minimum and maximum seed lengths (bit ranges)
    Q value (if a specific value is required)

For the current NIST DRBG validation lists there are the following items not covered in the current working draft:
    Prediction Resistance Tested: Enabled
    Prediction Resistance Tested: Not Enabled
    BlockCipher_No_df
    BlockCipher_Use_df

(df = whether or not a derivation function is used)

For the current NIST DRBGVS there are the following testing items not covered in the current working draft:
    Entropy Input (bit length ranges)
    Nonce (bit length ranges)
    Personalization string (bit length ranges)
    Additional input (bit length ranges)

And for the operational testing parameters:
    Requested Instantiation Security Strength
    Requested Security Strength
    Reseeding supported

See http://csrc.nist.gov/groups/STM/cavp/documents/rng/rngval.html and http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgval.html

If we added the following into RNG Parameters that would cover off on what is currently noted in the validation lists:
    Prediction Resistance Enabled - Boolean
    Derivation Function Used - Boolean

If we want to include any of the other items that are used in the testing process then that is a larger set of changes and those are items not reflected in the validation lists.

Tim.