Reference Guide
26 Secure Operation of Crypto-C ME
RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy
Level 1
3.6 Pseudo-random Number Generator
In all modes of operation, Crypto-C ME provides the CTR DRBG as the default
pseudo-random number generator (PRNG).
Users can choose to use an approved PRNG other than the default, including HMAC
DRBG or FIPS 186-2 (with or without mod q) when creating a cryptographic object
and setting this object against the operation requiring random number generation (for
example, key generation).
Crypto-C ME
also includes a non-approved Entropy PRNG used to generate seed
material for the approved PRNGs.
3.6.1 PRNG Seeding
In the FIPS 140-2 validated library,
Crypto-C ME
implements deterministic PRNGs,
which can be called to generate random data. The quality of the random data output
from these PRNGs depends on the quality of the supplied seeding (entropy).
Crypto-C ME
provides internal entropy collection (for example, from high precision
timers) where possible. On platforms with limited internal sources of entropy, it is
strongly recommended to collect entropy from external sources.
Additional entropy sources can be added to an application either by:
• Replacing internal entropy by calling
R_CR_set_info() with
R_CR_INFO_ID_RAND_ENT_CB and the parameters for an application-defined
entropy collection callback function.
• Adding to internal entropy by calling
R_CR_entropy_resource_init() to
initialize an entropy resource structure and then adding this to the library context
by calling
R_LIB_CTX_add_resource().
For more information about these functions, see the RSA BSAFE Crypto-C Micro
Edition API Reference Guide.
Note: If entropy from external sources is added to an application using
R_CR_set_info() with R_CR_INFO_ID_RAND_ENT_CB or
R_CR_entropy_resource_init(), no assurances are made about the
minimum strength of generated keys.
For more information about seeding PRNGs, see “Randomness Recommendations for
Security” in RFC 1750.