2014 FIPS disallows ANSI X9.31

Werner Koch wk at gnupg.org
Fri Jan 17 08:36:33 CET 2014

On Thu, 16 Jan 2014 18:21, john at masinter.net said:

> The ANSI X 9.31 RNG should be replaced with FIPS recommended SP800-90 DRBG.

Libgcrypt has a mechanism to select from several RNG implementaions.
Adding another one will be simple.  However, it is quite some work to
actually code and test it.

Frankly, I once looked the options but then figured that X9.31 will be
easier to implement and did just that.

> Is there any branch or work planned to address the 2014 change in FIPS
> requirements?

Is there anyone who wants to sponsor that?  From a technical and privacy
point of view a FIPS certification is useless.  In particular a DRNG
which does not address the problem of the seed.

> Or is there any option to build GnuPG with OpenSSL? (Are you laughing now?:)

GnuPG is tightly coupled to Libgcrypt. 



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gcrypt-devel mailing list