Ȩ > Ç¥ÁØÈ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ
Ç¥ÁعøÈ£ | TTAK.KO-12.0341/R1 | ±¸Ç¥ÁعøÈ£ | |
---|---|---|---|
Á¦°³Á¤ÀÏ | 2020-12-10 | ÃÑÆäÀÌÁö | 26 |
ÇѱÛÇ¥Áظí | ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâ¿¡ »ç¿ëµÇ´Â ÀâÀ½¿ø ½ÃÇèÆò°¡ Áöħ | ||
¿µ¹®Ç¥Áظí | Guideline for Testing Noise Sources used in Software Cryptographic Modules | ||
Çѱ۳»¿ë¿ä¾à | ¾ÏÈ£¸ðµâÀÇ ¾ÈÀü¼ºÀ» º¸Àå¹Þ±â À§Çؼ´Â ¾ÏȣŰ, º¸¾È ¸Å°³º¯¼ö, ³í½º µîÀÇ »ý¼º¿¡ »ç¿ëµÇ´Â ³¼ö°¡ ¾ÏÈ£ÇÐÀû ³¼ö¹ß»ý±â·ÎºÎÅÍ ¾ÈÀüÇÏ°Ô »ý¼ºµÇ¾î¾ß ÇÑ´Ù. ¾ÏÈ£ÇÐÀû ³¼ö¹ß»ý±â´Â Å©°Ô ¿£Æ®·ÎÇÇ ¼öÁý ´Ü°è¿Í Àǻ糼ö »ý¼º ´Ü°è·Î ³ª´ ¼ö ÀÖÀ¸¸ç, °¢ ´Ü°èÀÇ ¾ÈÀü¼º Æò°¡¸¦ À§ÇØ Àǻ糼ö »ý¼º¿¡ »ç¿ëµÇ´Â °áÁ¤·ÐÀû ¾Ë°í¸®ÁòÀÇ ±¸Çö Á¤È®¼ºÀ» °ËÁõÇÏ°í ¿£Æ®·ÎÇÇ ¼Ò½º ±¸¼º¿¡ »ç¿ëµÇ´Â ÀâÀ½¿ø¿¡ ´ëÇÑ Åë°èÀû ³¼ö¼º °ËÁ¤°ú ¿£Æ®·ÎÇÇ Æò°¡¸¦ ¼öÇàÇØ¾ß ÇÑ´Ù.
ÀÌ¿¡ ÀÌ Ç¥ÁØ¿¡¼´Â ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâ À§ÁÖÀÎ ±¹³» ȯ°æÀ» °í·ÁÇÏ¿© ¡°¼ÒÇÁÆ®¿þ¾î ȯ°æ¿¡¼ÀÇ ³¼ö¹ß»ý±â ÀâÀ½¿ø ¿£Æ®·ÎÇÇ °ËÁõ ¾Ë°í¸®Áò¡±(TTAK.KO-12.0306/R1)À» Àοë Ç¥ÁØÀ¸·Î Çϸç, Àοë Ç¥ÁØ¿¡ Á¦½ÃµÈ °ËÁõ ¾Ë°í¸®Áò°ú NIST SP800-90B¸¦ È°¿ëÇÏ¿© ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâÀÇ ÀâÀ½¿ø¿¡ ´ëÇÑ ½ÃÇèÆò°¡ ÀýÂ÷¿Í ±× Á¤·®ÀûÀÎ ±âÁØÀ» Á¦½ÃÇÑ´Ù. ÀÌ Ç¥ÁØ¿¡¼´Â ÀâÀ½¿ø ½ÃÇèÆò°¡ ÀýÂ÷, ½ÃÇèÆò°¡ Ç׸ñ ¹× ±âÁØ°ú ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâ¿¡¼ ¼öÁýµÈ ÀâÀ½¿øÀ¸·Î ¾ÏÈ£ÇÐÀû ³¼ö¹ß»ý±âÀÇ ½Ãµå¸¦ »ý¼ºÇÏ´Â °¡À̵带 Á¦½ÃÇÑ´Ù. |
||
¿µ¹®³»¿ë¿ä¾à | To ensure the security of cryptographic modules, random numbers used as encryption key, security parameters, nonce, etc. shall be securely generated by the cryptographic random number generator. The cryptographic random number generator is composed of two major steps, which are collecting data from noise sources and generating pseudorandom numbers. For the security evaluation of each step, it is necessary to verify the conformance test for the implementations of cryptographic algorithms used for generating pseudorandom numbers, and testing noise sources consists of statistical tests for randomness and entropy tests. Considering domestic trend of software-oriented encryption modules, this standard proposes the testing guideline and quantitative evaluation criteria using the algorithms described in the normative reference ¡°Entropy Evaluation Algorithms for Noise Sources in Software Environments(TTAK.KO-12.0306/R1)¡± and in NIST SP800-90B. | ||
±¹Á¦Ç¥ÁØ | |||
°ü·ÃÆÄÀÏ | TTAK_[1].KO-12.0341_R1.pdf |