The National Institute of Standards and Technology has released the second draft of a document that aims to help computer security professionals assess whether an entropy source of randomness is capable to protect sensitive information.
NIST will accept public comments on the latest draft of its publication “Recommendation for the Entropy Sources Used for Random Bit Generation” through May 9, the agency said Wednesday.
According to NIST, an entropy source is used to generate random numbers as part of cryptography, a process used to encrypt data in order to protect sensitive information from unauthorized access.
“This draft document proposes a lot of tests that you can use to validate your entropy source to tell you how good a job it is doing,” said Elaine Barker, one of the authors of the publication at NIST.
“We would like the public’s input on ways we can improve these tests,” she added.