To get an entropy source approved under FIPS 140-3 there are two options: ENT (P) or ENT (NP) entry on the FIPS module validation certificate (until October 1st, 2022) ESV certificate awarded by NIST’s Entropy Source Validation Testing (ESVT) This …
Beyond the testing: FIPS 140-3 documentation inputs
First time vendors to the FIPS 140 validation process are often not aware of the scope of supporting documentation and evidence required. These documentation inputs are integral to the lab being able to perform and finalize the full validation process. …
NIST 800-90B Input Data Considerations
For the past few years, the Common Criteria program has been mandating entropy analysis for almost all protection profile based evaluations. Since November 2020, NIST 800-90B has also become a mandatory requirement under the FIPS 140-2 and the forthcoming FIPS …
NIST 800-90B Concepts
The claimed entropy source for a FIPS 140 validated module now requires compliance to NIST SP800-90B. This means that any cryptographic module going through FIPS 140-2 or FIPS 140-3 validation needs to adhere to NIST implementation guidance 7.18 – Entropy …
Gathering Raw Unconditioned Entropy in a Live Linux System
As part of our continued product development efforts supporting assurance modernization, the Lightship team sometimes develop useful experimental tools or proofs of concepts. A while ago we developed a proof of concept to extract raw unconditioned entropy from a live …
Quantitative Analysis of Entropy
[Jan 12, 2018 update: With the final release of NIST SP 800-90B, we’ve updated this post to reflect the new published status of this NIST SP as well as to correct any differences between rev2 and the final publication.] …
Code for NIST Entropy Health Testing
[Jan 12, 2018 update: With the final release of NIST SP 800-90B, we’ve updated the sample health test code to match the minor changes between rev2 and the final version. The narrative of this post with respect to requirements for …
