[PATCH v2 1/8] SP800-90A Deterministic Random Bit Generator

Stephan Mueller smueller at chronox.de
Sun Mar 9 00:25:00 CET 2014


This is a clean-room implementation of the DRBG defined in SP800-90A.
All three viable DRBGs defined in the standard are implemented:

 * HMAC: This is the leanest DRBG and compiled per default
 * Hash: The more complex DRBG can be enabled at compile time
 * CTR: The most complex DRBG can also be enabled at compile time

The DRBG implementation offers the following:

 * All three DRBG types are implemented with a derivation function.
 * All DRBG types are available with and without prediction resistance.
 * All SHA types of SHA-1, SHA-256, SHA-384, SHA-512 are available for
   the HMAC and Hash DRBGs.
 * All AES types of AES-128, AES-192 and AES-256 are available for the
   CTR DRBG.
 * A self test is implemented with drbg_healthcheck().
 * The FIPS 140-2 continuous self test is implemented.
 * Additional cipher primitives, such as Serpent or Twofish, can be
   added to the DRBG without changing the implementation. The only
   change necessary is to the DRBG definition given in the cores[]
   array.

Signed-off-by: Stephan Mueller <smueller at chronox.de>

 create mode 100644 random/drbg.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-SP800-90A-Deterministic-Random-Bit-Generator.patch.bz2
Type: application/x-bzip
Size: 21850 bytes
Desc: not available
URL: </pipermail/attachments/20140309/28523f85/attachment-0001.bin>
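The HMAC DRBG named first in the list above, written out as an added Python example (not the patch's C code, which is in the scrubbed attachment): SP800-90A HMAC_DRBG over SHA-256 with instantiate, reseed and generate, plus the FIPS 140-2 continuous test the list mentions, which rejects an output block identical to the previous one. The class name, the choice of SHA-256 and the seed values used below are assumptions of this example.

```python
import hmac
import hashlib

class HmacDrbg:
    """SP800-90A HMAC_DRBG over SHA-256 (illustrative, not libgcrypt's code)."""
    SECURITY_STRENGTH = 32           # bytes of entropy required for SHA-256
    MAX_BYTES_PER_REQUEST = 1 << 16  # 2^19 bits per request (SP800-90A Table 2)
    RESEED_INTERVAL = 1 << 48        # generate() calls allowed between reseeds

    def __init__(self, entropy, nonce=b"", personalization=b""):
        if len(entropy) < self.SECURITY_STRENGTH:
            raise ValueError("entropy input below security strength")
        self.K = b"\x00" * 32        # HMAC_DRBG_Instantiate: K = 0x00..00
        self.V = b"\x01" * 32        #                        V = 0x01..01
        self._update(entropy + nonce + personalization)
        self.reseed_counter = 1
        self._last_block = None      # state for the FIPS 140-2 continuous test

    @staticmethod
    def _hmac(key, data):
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided_data):
        # HMAC_DRBG_Update (SP800-90A 10.1.2.2): fold provided_data into K and V
        self.K = self._hmac(self.K, self.V + b"\x00" + provided_data)
        self.V = self._hmac(self.K, self.V)
        if provided_data:
            self.K = self._hmac(self.K, self.V + b"\x01" + provided_data)
            self.V = self._hmac(self.K, self.V)

    def reseed(self, entropy, additional_input=b""):
        if len(entropy) < self.SECURITY_STRENGTH:
            raise ValueError("entropy input below security strength")
        self._update(entropy + additional_input)
        self.reseed_counter = 1

    def generate(self, nbytes, additional_input=b""):
        # HMAC_DRBG_Generate (SP800-90A 10.1.2.5)
        if nbytes > self.MAX_BYTES_PER_REQUEST:
            raise ValueError("request exceeds max_number_of_bits_per_request")
        if self.reseed_counter > self.RESEED_INTERVAL:
            raise RuntimeError("reseed required before further output")
        if additional_input:
            self._update(additional_input)
        out = b""
        while len(out) < nbytes:
            self.V = self._hmac(self.K, self.V)
            # FIPS 140-2 continuous RNG test: a block equal to its predecessor
            # indicates a stuck generator, so refuse to emit it
            if self.V == self._last_block:
                raise RuntimeError("continuous RNG test failed: repeated block")
            self._last_block = self.V
            out += self.V
        self._update(additional_input)
        self.reseed_counter += 1
        return out[:nbytes]
```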

