Thursday, 25 August 2016

RdRand and NIST800-22

Is it reasonable that Intel's RdRand/RdSeed RNGs are failing NIST 800-22 statistical tests?

I did a very simple experiment on my home laptop (which supports RdRand and RdSeed):

  1. sampled bit-streams from RdRand and RdSeed using sample code provided by Intel (http://ift.tt/1oGRAvg)
  2. fed the RNG bit streams to NIST 800-22 statistical test suite, which can be downloaded online (http://ift.tt/1BLvQ8z)

I used two setups:

  1. fast - 500 bit-streams of 100 Kbit each
  2. slow - 1,000 bit-streams of 1 Mbit each

Both tests failed miserably! (Most P-values are 0!)

In order to test myself, I sampled 500x100Kb / 1,000x1Mb streams from /dev/urandom and also fed them to the NIST 800-22 test battery. This one passed with no apparent problem.

I'm especially surprised to see these results, as I know that Intel's RNG output is post-processed using a cryptographic function, so even if it is not truly random I estimated it would be able to pass the NIST test battery.

I would appreciate your feedback and thoughts (did I miss anything? Can Intel's RNG really be that bad?).

Thanks!
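To make the "most P-values are 0" observation concrete, here is an added example (not code from the question, from Intel's sample program or from the NIST STS package) that implements two of the SP 800-22 tests in pure Python, the Frequency (Monobit) test of section 2.1 and the Runs test of section 2.3, and runs them over three constructed 100 Kbit inputs: a seeded pseudo-random stream, a strictly alternating 0101... stream, and the same pseudo-random bits written out as ASCII '0'/'1' characters and then read back as raw bytes. The seed, the stream size and the idea of an ASCII-as-binary stream are the example's own assumptions; the formulas are the ones in SP 800-22.

```python
"""Two NIST SP 800-22 tests (2.1 Frequency/Monobit, 2.3 Runs) in pure Python.

Added example, not the NIST STS code or Intel's sample program. It shows what a
P-value near 0 means and how a data-format mismatch alone drives it there.
"""
import math
import random


def bits_from_bytes(data: bytes) -> list[int]:
    """Unpack raw bytes into a list of bits, MSB first (the binary input mode
    of the NIST suite reads a file this way)."""
    return [(b >> (7 - i)) & 1 for b in data for i in range(8)]


def monobit_p(bits: list[int]) -> float:
    """SP 800-22 section 2.1: is the proportion of ones close to 1/2?"""
    n = len(bits)
    s_n = sum(2 * b - 1 for b in bits)           # +1 for a one, -1 for a zero
    s_obs = abs(s_n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def runs_p(bits: list[int]) -> float:
    """SP 800-22 section 2.3: is the number of runs what independence predicts?
    Returns 0.0 when the frequency prerequisite fails, as the reference test does."""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):        # prerequisite from the spec
        return 0.0
    v_n = 1 + sum(1 for k in range(n - 1) if bits[k] != bits[k + 1])
    num = abs(v_n - 2 * n * pi * (1 - pi))
    den = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(num / den)


def battery(bits: list[int]) -> dict[str, float]:
    """Run both tests; a stream 'passes' a test when its P-value is >= 0.01."""
    return {"monobit": monobit_p(bits), "runs": runs_p(bits)}


# Constructed inputs, 100 Kbit each (the "fast" stream size from the question).
N_BITS = 100_000
_rng = random.Random(20160825)                   # assumed seed, for reproducibility
RANDOM_BITS = [_rng.getrandbits(1) for _ in range(N_BITS)]
ALTERNATING_BITS = [k & 1 for k in range(N_BITS)]
# The same random bits written as ASCII '0'/'1' characters and then read back in
# binary mode: every byte is 0011000x, so 5 of every 8 bits are constant.
ASCII_BITS = bits_from_bytes(
    "".join(str(b) for b in RANDOM_BITS[: N_BITS // 8]).encode("ascii")
)

if __name__ == "__main__":
    for name, bits in [("random", RANDOM_BITS),
                       ("alternating", ALTERNATING_BITS),
                       ("ascii-as-binary", ASCII_BITS)]:
        print(f"{name:16s}", {k: f"{v:.4g}" for k, v in battery(bits).items()})
```

The alternating stream passes the Monobit test with P-value exactly 1.0 (the ones and zeros balance perfectly) and fails the Runs test with a P-value of 0, which is why the suite runs many tests rather than one. The ASCII-as-binary stream fails both tests with P-values of 0 even though its underlying bits are fine, so a run in which nearly every P-value is 0 is worth checking for this kind of mismatch between the file you wrote and the input mode the suite was told to read, before drawing conclusions about the generator.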
