The page provides technical information about implementations that have been validated as conforming to the Deterministic Random Bit Generator (DRBG) Algorithm, as specified in Special Publication 800-90, Recommendation for Random Number Generation Using Deterministic Random Bit Generators
The list below describes implementations which have been validated as correctly implementing the DRBG algorithm, using the tests found in The DRBG Validation Suite (DRBGVS) This testing is performed by NVLAP accredited Cryptographic Module Testing (CMT) laboratories.
The implementations below consist of software, firmware, hardware, and any combination thereof. The National Institute of Standards and Technology (NIST) has made every attempt to provide complete and accurate information about the implementations described in this document. However, due to the possibility of changes made within individual companies, NIST cannot guarantee that this document reflects the current status of each product. It is the responsibility of the vendor to notify NIST of any necessary changes to its entry in the following list. A validation certificate issued to each vendor also indicates 1) the CMT laboratory that tested the implementation, and 2) the operating environment used to test the implementation (if software or firmware).
This list is ordered in reverse numerical order, by certificate number. Thus, the more recent validations are located closer to the top of the list. The column after the Validation Date column contains information indicating what modes and features for these modes has been successfully tested.
| Validation No. |
Vendor | Implementation | Operational Environment | Val. Date |
Description/Notes |
|---|---|---|---|---|---|
| 2 | RSA Security, Inc. 177 Bovet Road, Suite 200 San Mateo, CA 94402 USA -Kathy Kriese
|
Version 3.0 |
IBM Power3 w/ AIX 5L 5.3 (32-bit); IBM Power3 w/ AIX 5L 5.3 (64-bit); PA-RISC 2.0 w/ HP-UX 11i v1 (32-bit); PA-RISC 2.0W w/HP-UX 11i v2 (64-bit); Intel Itanium2 w/ HP-UX 11i v3 (32-bit); Intel Itanium2 w/ HP-UX 11i v3 (64-bit); Intel Celeron w/ Red Hat Enterprise Linux AS 4.0 (32-bit w/ LSB 3.0.3); Intel AMD Athlon X2 w/ Red Hat Enterprise Linux AS 5.0 (64-bit w/ LSB 3.0.3); SPARC V8 w/ Solaris 10 (32-bit); SPARC V8+ w/ Solaris 10 (32-bit); SPARC V9 w/ Solaris 10 (64-bit); AMD Opteron w/ Solaris 10 (64-bit); PowerPC 603 w/ VxWorks 5.5; PowerPC 604 w/ VxWorks 5.5; PowerPC 604 w/ VxWorks 6.0; Intel PXA250 w/ Windows Mobile 2003; Intel PXA270 w/ Windows Mobile 5; Intel PXA270 w/ Windows Mobile 6.0; AMD Athlon X2 w/ Windows Server 2003 SP2 (64-bit w/ MT Static Wrap); Intel Itanium2 w/ Windows Server 2003 SP2 (64-bit w/ MT Static Wrap); Intel Itanium2 w/ Windows Server 2003 SP2 (w/ MD Dynamic Wrap); Intel Pentium M w/ Windows XP Professional SP2 (w/ MT Static Wrap); AMD Athlon X2 w/ Windows Vista Ultimate (32-bit w/ MD Dynamic Wrap); Intel Pentium D w/ Windows Vista Ultimate (64-bit w/ MD Dynamic Wrap) | 7/3/2008 |
Hash_Based DRBG [ HMAC_DRBG: SHA-1 , SHA-224 , SHA-256 , SHA-384 , SHA-512 ( SHS Cert#807 ) ]
Dual_EC_DRBG
"RSA BSAFEĀ® Crypto-C ME software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. The software supports a wide range of industry standard encryption algorithms offering developers the flexibility to choose the appropriate option to meet their requirements." |
| 1 | Certicom Corp. 5520 Explorer Drive, 4th Floor Mississauga, Ontario L4W 5L1 Canada -Atsushi Yamada
-Rob Williams
|
Version 2.2 |
Intel Core 2 Duo w/ Windows 2008 Server 64-bit w/ JRE 1.6.0; Intel Pentium III w/ Linux Redhat AS5 32 Bit w/ JRE 1.6.0; Intel Pentium D w/ Redhat Linux AS5 64 bit w/ JRE 1.6.0; Sun UltraSPARC III w/ Solaris 10 32 Bit w/ JRE 1.6.0; Sun UltraSPARC III w/ Solaris 10 64 bit w/ JRE 1.6.0; Intel Pentium D w/ Windows Vista 32 bit w/ JRE 1.6.0; Intel Core 2 Duo w/ Windows Vista 64 bit w/JRE 1.6.0 | 6/13/2008 |
Hash_Based DRBG [ Hash_DRBG: SHA-1 , SHA-224 , SHA-256 , SHA-384 , SHA-512 ( SHS Cert#802 ) ] [ HMAC_DRBG: SHA-1 , SHA-224 , SHA-256 , SHA-384 , SHA-512 ( SHS Cert#802 ) ]
CTR_DRBG "Security Builder GSE-J is a standards-based cryptographic toolkit written in Java. It supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into Java-based applications." |
Computer Security Division
National Institute of Standards and Technology