Powered by Google www.ChineseStandard.net Database: 189759 (21 Apr 2024)

GM/T 0103-2021 (GMT0103-2021)

GM/T 0103-2021_English: PDF (GMT 0103-2021, GMT0103-2021)
Standard IDContents [version]USDSTEP2[PDF] delivered inStandard Title (Description)StatusPDF
GM/T 0103-2021English200 Add to Cart 0--9 seconds. Auto-delivery General framework of random number generator Valid GM/T 0103-2021

BASIC DATA
Standard ID GM/T 0103-2021 (GM/T0103-2021)
Description (Translated English) General framework of random number generator
Sector / Industry Chinese Industry Standard (Recommended)
Classification of Chinese Standard L80
Word Count Estimation 10,191
Date of Issue 2021-10-18
Date of Implementation 2022-05-01

Standards related to: GM/T 0103-2021

GM/T 0103-2021
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.030
CCS L 80
General framework of random number generator
ISSUED ON: OCTOBER 18, 2021
IMPLEMENTED ON: MAY 01, 2022
Issued by: National Cryptography Administration
Table of Contents
Foreword ... 3
1 Scope ... 4
2 Normative references ... 4
3 Terms and definitions ... 4
4 Overall framework of random number generator design ... 6
4.1 Overview ... 6
4.2 Entropy... 7
4.3 Entropy evaluation ... 8
4.4 Post-processing ... 8
4.5 Testing ... 9
Appendix A (Informative) Standard system framework of random number generator10
References ... 12
General framework of random number generator
1 Scope
This document is an overall upper standard for random number generator design; it
specifies the overall framework for random number generator design.
This document is applicable to the research, development, and testing of random
number generators. It can also promote the formulation of relevant standards for
random number generators.
2 Normative references
The contents of the following documents constitute the essential provisions of this
document through normative references in the text. Among them, for dated references,
only the version corresponding to the date is applicable to this document; for undated
references, the latest version (including all amendments) is applicable to this document.
GB/T 25069 Information security technology - Glossary
GB/T 32915 Information security technology - Binary sequence randomness
detection method
GM/T 0062 Random number test requirements for cryptographic modules
GM/T 0078-2020 The design guidelines for cryptographic random number
generation module
GM/T 0105 Design guide for software-based random number generators
GM/Z 4001 Cryptographic terminology
3 Terms and definitions
The terms and definitions as defined in GB/T 25069, GB/T 32915, GM/T 0062, GM/T
0078, GM/T 0105, GM/Z 4001, as well as the following terms and definitions, apply to
this document.
3.1
Entropy source
A component, device, or event that produces an output. When this output is captured
and processed in some way, a bitstring containing an entropy is produced.
[Source: GB/T 25069-2010, 2.1.31]
3.2
Thermal noise
Typically unwanted, but inherently generated spurious electrical signals (also known
as "white noise") in components (such as operational amplifiers, reverse-biased
diodes, or resistors).
Note: Usually every effort is made to minimize this phenomenon. However, the
unpredictability of this phenomenon can be exploited as a source of entropy, in random
bitstream generation.
[Source: GB/T 25069-2010, 2.2.4.8]
3.3
Chaotic oscillation
The complex and disordered oscillation state of a nonlinear system.
Note: Rooted in the local instability of the system, it manifests as initial value sensitivity
and inherent randomness.
3.4
Phase jitter
Rapid, short-term, random fluctuations in wave phase, which is caused by temporal
instabilities.
3.5
Quantum random process
A random phenomenon/process, which has intrinsic quantum randomness.
Note: Its random nature is explained and guaranteed by the principle of quantum mechanics.
The quantum stochastic process, which is used to generate random numbers, generally
includes single-photon path selection, the number of photons contained in an optical pulse,
the time interval between adjacent photons, vacuum fluctuations, laser phase noise,
amplified spontaneous emission noise.
3.6
Random number generator
A device or program for generating random binary sequences.
[Source: GB/T 32915-2016, 2.2]
3.7
Software-based RNG
The random number generator component in the software cryptographic module (or
the software component of the hybrid cryptographic module), which can be used
either as the software cryptographic module alone, or as a part of the software
cryptographic module (or the software part of the hybrid cryptographic module).
[Source: GM/T 0105-2021, 3.13]
3.8
Raw random number sequence
A sequence of discrete random values obtained through digitizing the outputs of
entropy source.
3.9
Random number sequence
A sequence of numbers, in which each term cannot be inferred, given the knowledge
of the other terms.
[Source: GB/T 25069-2010, 2.2.2.184]
4 Overall framework of random number generator design
4.1 Overview
The random number generator's design framework is as shown in Figure 1. The random
number generator usually includes entropy source, post-processing, testing. In the
design stage, entropy evaluation is performed on the entropy source or random source
sequence, whilst in the product testing and use phase, the validity test or randomness
test is performed on the random source sequence or random number sequence.
characteristics of uncertain events in the real world, such as measuring thermal
noise level values, etc. The theoretical stochastic model of physical entropy is
clear and reasonable; the rationality of the claimed stochastic model can be
verified, through the collected sample data. The entropy of the physical entropy
source output shall be theoretically estimated, meanwhile the estimated value
must be greater than a certain threshold, to ensure that the output has enough
entropy.
b) Non-physical entropy sources refer to non-deterministic entropy sources, that do
not belong to physical entropy sources, such as collecting mouse or keyboard
actions, etc. The non-physical entropy source is provided by the operating
environment, where the random number generator is located (such as the
operating system, external devices), so certain precautions shall be taken, to
reduce the possibility of the adversary cracking the non-physical entropy source
(such as the predicted output). The sufficiency and stability of the entropy output
by the non-physical entropy source can be demonstrated, by modeling or
experiments.
The entropy source is the source of the random number, which is generated by the
random number generator. When the entropy source fails, it needs to be quickly
detected by the random number generator, meanwhile corresponding processing shall
be done according to the testing output, such as generating an alarm signal.
4.3 Entropy evaluation
The entropy evaluation predicts and evaluates the random source sequence, through
theoretical modeling analysis, statistical testing and other methods, to obtain the
entropy estimate.
According to the different design principles of entropy sources, select the applicable
entropy evaluation method. The entropy evaluation method shall be reasonable and
effective; the estimated value shall be greater than a certain threshold, such as 0.997.
Entropy evaluation may not be implemented, inside the random number generator.
4.4 Post-processing
The post-processing module processes the random source sequence; generates a
random number sequence, that meets the statistical testing, through a post-processing
algorithm. The post-processing module is optional; in practice, it shall be decided to
select it or not, according to the statistical characteristics of the random source sequence.
There are many post-processing algorithms, such as cryptographic function post-
processing method based on block ciphers, hash functions, m-sequences, etc., as well
as the light post-processing method such as Von Neumann corrector, XOR chain, parity
grouping, m-LSB, etc. The design can be carried out, according to the characteristics of
...