This is a non-exhaustive list of recommended software random number generators. Generally, hardware random number generators are preferred. Both types should follow the requirements specified in CB2: Types of Cryptographic Algorithms.

According to the Java documentation, random numbers can be generated with SecureRandom, a class that provides a cryptographically strong random number generator (RNG).

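import java.security.SecureRandom;

// Declaration in the Java documentation: public class SecureRandom extends Random
/*
 * A cryptographically strong random number minimally complies with the
 * statistical random number generator tests specified in FIPS 140-2,
 * Security Requirements for Cryptographic Modules. SecureRandom must produce
 * non-deterministic output. SecureRandom is acceptable only if the
 * seeding/entropy source is provably sufficiently secure.
 */
// The wrapper class name is illustrative; the original shows only main().
public class SecureRandomExample {
    // No throws clause is needed: the no-argument constructor throws no checked exception.
    public static void main(String[] args) {
        SecureRandom ranGen = new SecureRandom();
    }
}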

Implementation

  • A software-based RNG solution shall be sufficient through CV pilot until hardware-based solutions are identified and accepted.
  • Java SecureRandom running on a virtual machine is only acceptable if the host machine's entropy is accessible to and used by the VM. This can be accomplished by employing utilities such as virtio-rng. Please check your desired VM implementation for support of such a feature.

Testing

  • The RNG in use shall be tested using the NIST SP800-22b statistical test suite "sts-2.1.1". A description of the test suite (NIST Special Publication 800-22rev1a, dated April 2010) and the NIST statistical test suite software sts-2.1.1 are available at http://csrc.nist.gov/groups/ST/toolkit/rng/documentation_software.html
  • The NIST test suite runs various tests on an input file of RNG output. The following tests shall be performed. All tests shall use sufficiently sized input files for the NIST test suite.
    1. Test Randomness: Generate random output of SecureRandom on the VM and run all tests of the NIST test suite.
    2. Test Seeding: Generate random output o_1 of SecureRandom on the VM at time t (relative to start-up time). Restart the VM and generate random output o_2 of SecureRandom on the VM at time t (relative to start-up time). Combine o_1 and o_2 in a single file, and run the full NIST test suite.  
    3. Test nonce and reconstruction values: While an SCMS component operates normally, store the output of SecureRandom in a file and run the full NIST test suite. 
  • A third-party description of proper RNG testing can be found at http://www.st.com/web/en/resource/technical/document/application_note/DM00073853.pdf (cf. sections 2 and 3).
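
One way to produce the input files for tests 1 and 2 above, as an added example that is not part of the original page or of any SCMS code: it writes raw SecureRandom output to a file and, for the seeding test, concatenates o_1 and o_2 after checking that they do not begin with the same bytes. The class name, sub-command names, sample size and the 64-byte prefix check are assumptions.

```java
import java.io.IOException;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.SecureRandom;
import java.util.Arrays;

// Added example, not SCMS code. Class name, sub-commands, SAMPLE_BYTES and
// the 64-byte prefix check are assumptions made for illustration.
public class StsSampleWriter {
    static final int SAMPLE_BYTES = 16 * 1024 * 1024; // assumed; size it for the tests run

    // Test 1: write `count` bytes of SecureRandom output as raw binary and
    // log which algorithm and provider produced them, for the test record.
    static void writeSample(Path out, int count) throws IOException {
        SecureRandom rng = new SecureRandom();
        System.err.println(rng.getAlgorithm() + " / " + rng.getProvider().getName());
        byte[] buf = new byte[8192];
        try (OutputStream os = Files.newOutputStream(out)) {
            for (int left = count; left > 0; ) {
                rng.nextBytes(buf);
                int n = Math.min(left, buf.length);
                os.write(buf, 0, n);
                left -= n;
            }
        }
    }

    // Test 2: combine o_1 and o_2 (same time t after two separate boots) into one file.
    static void combine(Path o1, Path o2, Path out) throws IOException {
        byte[] a = Files.readAllBytes(o1), b = Files.readAllBytes(o2);
        int n = Math.min(64, Math.min(a.length, b.length));
        // Identical leading bytes across restarts mean the generator state repeated.
        if (n > 0 && Arrays.equals(Arrays.copyOf(a, n), Arrays.copyOf(b, n)))
            throw new IllegalStateException("o_1 and o_2 begin identically: seeding repeated");
        try (OutputStream os = Files.newOutputStream(out)) {
            os.write(a);
            os.write(b);
        }
    }

    public static void main(String[] args) throws IOException {
        if (args.length == 2 && args[0].equals("generate"))
            writeSample(Paths.get(args[1]), SAMPLE_BYTES);
        else if (args.length == 4 && args[0].equals("combine"))
            combine(Paths.get(args[1]), Paths.get(args[2]), Paths.get(args[3]));
        else System.err.println("usage: generate <out> | combine <o_1> <o_2> <out>");
    }
}
```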
