The National Institute of Standards and Technology (NIST) announced last week that it is seeking comments on its draft publication “Recommendation for the Entropy Sources Used for Random Bit Generation.” What does this mean in layman’s terms? Basically, in order to protect private messages, cryptography is used to encrypt the messages into a form that cannot be accessed or understood without using a random number that allows access. This is often used in two-level authentication. This publication provides recommendations that are designed to make sure the random numbers used are sufficiently unpredictable. According to NIST, “When you’re accessing your process for generating randomness, you want to make sure nothing is broken and that it is performing consistently. We would like the public’s input on ways we can improve these tests.”
A public workshop to address these and other security issues will be held at NIST on May 2-3, 2016.