Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.
This standard is developed in accordance with the rules given in GB/T 1.1-2009.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuing body of this document shall not be held responsible for identifying any or all such patent rights.
This standard was proposed by and is under the jurisdiction of the Cryptography Standardization Technical Committee.
Introduction
Random numbers play an extremely important role in cryptographic applications. For example, the keys in cryptographic algorithms shall be random numbers, and random numbers are also required in intermediate processes of many cryptographic protocols.
A random number generator is either a dedicated integrated device that generates random numbers or the random number generation part within a device.
When a random number generator is used to generate a random number, the quality of the random number plays a key role in ensuring the security of the entire system. For the purpose of this standard, the cryptographic modules are classified into Categories A, B, C, D and E for the random number test. The random number test for each category includes four different application phases, i.e., sample test, delivery test, power on test and running test, and random number test requirements are put forward for all application phases of each category.
Random number test requirements for cryptographic modules
1 Scope
This standard specifies the test indexes and requirements for the randomness of random numbers generated in hardware by a random number generator in cryptographic module applications.
This standard is applicable to the test of the random number generator, and can also provide guidance for the development of the random number generator.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 32915 Information security technology - Randomness test methods for binary sequence
3 Terms, definitions and symbols
3.1 Terms and definitions
For the purposes of this document, the terms and definitions established in GB/T 32915 and the following apply.
3.1.1
sample test
randomness test for the cryptographic modules, performed on the manufacturer's sample submitted to a third-party testing organization
3.1.2
delivery test
random number function and quality test for the cryptographic modules, which is performed by the manufacturer before their delivery
3.1.3
power on test
random number function test for the cryptographic modules that is automatically performed at power-on
3.1.4
running test
random number function test for the cryptographic modules that is automatically performed during their operation, which is classified into cyclical test and single test
3.1.5
cyclical test
random number function test for the cryptographic modules that is automatically performed at a certain time interval during their operation
3.1.6
single test
random number function test for the cryptographic modules that is automatically performed before use of the random number each time during their operation
3.2 Symbols
For the purposes of this document, the following symbols apply.
α—significance level
m—block length of poker test
4 Description of random number test
4.1 Classification of cryptographic modules
For the purpose of this standard, the cryptographic modules are classified into Categories A, B, C, D and E for the random number test, with respective main features and typical forms.
Category A cryptographic modules cannot be used independently as functional products; their typical forms include random number generator chip, etc.
Category B cryptographic modules are powered on when used, have limited processing capacity for the random number test, and have strict requirements for power on response speed; their typical forms include IC card, etc.
Category C cryptographic modules are powered on when used, have limited processing capacity for the random number test, and have no strict requirements for power on response speed; their typical forms include USBKey, etc.
Category D cryptographic modules are powered on for a long term, have limited processing capacity for the random number test, and have no strict requirements for power on response speed; their typical forms include POS machine, etc.
Category E cryptographic modules are powered on for a long term, have relatively strong processing capacity for the random number test, and have no requirements for power on response speed; their typical forms include server, etc.
In addition, this standard puts forward random number test requirements for each category.
4.2 Division of application stages
For the purpose of this standard, the random number test is divided into four different application stages, i.e., sample test, delivery test, power on test, and running test.
For the above four application stages, this standard specifies corresponding random number test methods.
4.3 Data format
Data to be tested shall be tested in the form of a binary sequence.
4.4 Test items
For the purpose of this standard, the randomness test items comprise the 15 items specified in GB/T 32915, i.e., monobit frequency test, frequency test within a block, poker test, serial test, runs test, runs distribution test, test for the longest run of ones in a block, binary derivative test, autocorrelation test, binary matrix rank test, cumulative test, approximate entropy test, linear complexity test, universal test, and discrete Fourier transform test.
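The following is an added illustration, not part of the standard's text: two of the 15 listed items (monobit frequency test and poker test) applied to a binary sequence and judged against the significance level α, using the commonly published statistics for these tests. The normative definitions are in GB/T 32915; the values α = 0.01 and m = 4 and all function names are assumptions, since clauses 4.5 and 4.6 are not reproduced on this page.

```python
import math
from collections import Counter

ALPHA, M = 0.01, 4  # assumed values; clauses 4.5 and 4.6 are not on this page

def to_bits(data):  # clause 4.3: test data as a binary sequence, MSB first
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]

def igamc(a, x):
    """Regularized upper incomplete gamma Q(a, x)."""
    if x <= 0:
        return 1.0
    scale = math.exp(a * math.log(x) - x - math.lgamma(a))
    if x < a + 1:  # power series for P(a, x); Q = 1 - P
        term = total = 1.0 / a
        k = a
        while abs(term) > abs(total) * 1e-15:
            k += 1
            term *= x / k
            total += term
        return 1.0 - total * scale
    tiny, b = 1e-300, x + 1 - a  # modified Lentz continued fraction for Q
    c, d, h = 1 / tiny, 1 / b, 1 / b
    for i in range(1, 1000):
        an = -i * (i - a)
        b += 2
        d = 1 / ((an * d + b) or tiny)  # guard against a zero denominator
        c = (b + an / c) or tiny
        h *= d * c
        if abs(d * c - 1) < 1e-15:
            break
    return h * scale

def monobit_p(bits):
    s = sum(2 * b - 1 for b in bits)  # +1 per one, -1 per zero
    return math.erfc(abs(s) / math.sqrt(2 * len(bits)))

def poker_p(bits, m=M):
    n = len(bits) // m  # number of non-overlapping m-bit blocks
    counts = Counter(tuple(bits[i * m:(i + 1) * m]) for i in range(n))
    v = (2 ** m / n) * sum(c * c for c in counts.values()) - n
    return igamc((2 ** m - 1) / 2, v / 2)

def self_test(bits, alpha=ALPHA, m=M):
    p = {"monobit": monobit_p(bits), "poker": poker_p(bits, m)}
    return all(v >= alpha for v in p.values()), p

STUCK = to_bits(b"\xff" * 256)        # constructed: source stuck at 1
COUNTER = to_bits(bytes(range(256)))  # constructed: fully predictable counter
```

The stuck-at-one sequence fails both tests, while the byte counter passes both with a P-value of 1: these tests detect statistical defects in the output and say nothing about whether the sequence is predictable.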
Contents of GM/T 0062-2018
Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and symbols
3.1 Terms and definitions
3.2 Symbols
4 Description of random number test
4.1 Classification of cryptographic modules
4.2 Division of application stages
4.3 Data format
4.4 Test items
4.5 Significance level
4.6 Setting of parameters
5 Random number test for Category A cryptographic modules
5.1 Sample test
5.2 Delivery test
5.3 Power on test
5.4 Running test
6 Random number test for Category B cryptographic modules
6.1 Sample test
6.2 Delivery test
6.3 Power on test
6.4 Running test
7 Random number test for Category C cryptographic modules
7.1 Sample test
7.2 Delivery test
7.3 Power on test
7.4 Running test
8 Random number test for Category D cryptographic modules
8.1 Sample test
8.2 Delivery test
8.3 Power on test
8.4 Running test
9 Random number test for Category E cryptographic modules
9.1 Sample test
9.2 Delivery test
9.3 Power on test
9.4 Running test