Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAK.KO-12.0341/R1 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2020-12-10 ÃÑÆäÀÌÁö 26
ÇѱÛÇ¥ÁØ¸í ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâ¿¡ »ç¿ëµÇ´Â ÀâÀ½¿ø ½ÃÇèÆò°¡ Áöħ
¿µ¹®Ç¥Áظí Guideline for Testing Noise Sources used in Software Cryptographic Modules
Çѱ۳»¿ë¿ä¾à ¾ÏÈ£¸ðµâÀÇ ¾ÈÀü¼ºÀ» º¸Àå¹Þ±â À§Çؼ­´Â ¾ÏȣŰ, º¸¾È ¸Å°³º¯¼ö, ³í½º µîÀÇ »ý¼º¿¡ »ç¿ëµÇ´Â ³­¼ö°¡ ¾ÏÈ£ÇÐÀû ³­¼ö¹ß»ý±â·ÎºÎÅÍ ¾ÈÀüÇÏ°Ô »ý¼ºµÇ¾î¾ß ÇÑ´Ù. ¾ÏÈ£ÇÐÀû ³­¼ö¹ß»ý±â´Â Å©°Ô ¿£Æ®·ÎÇÇ ¼öÁý ´Ü°è¿Í Àǻ糭¼ö »ý¼º ´Ü°è·Î ³ª´­ ¼ö ÀÖÀ¸¸ç, °¢ ´Ü°èÀÇ ¾ÈÀü¼º Æò°¡¸¦ À§ÇØ Àǻ糭¼ö »ý¼º¿¡ »ç¿ëµÇ´Â °áÁ¤·ÐÀû ¾Ë°í¸®ÁòÀÇ ±¸Çö Á¤È®¼ºÀ» °ËÁõÇÏ°í ¿£Æ®·ÎÇÇ ¼Ò½º ±¸¼º¿¡ »ç¿ëµÇ´Â ÀâÀ½¿ø¿¡ ´ëÇÑ Åë°èÀû ³­¼ö¼º °ËÁ¤°ú ¿£Æ®·ÎÇÇ Æò°¡¸¦ ¼öÇàÇØ¾ß ÇÑ´Ù.
ÀÌ¿¡ ÀÌ Ç¥ÁØ¿¡¼­´Â ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâ À§ÁÖÀÎ ±¹³» ȯ°æÀ» °í·ÁÇÏ¿© ¡°¼ÒÇÁÆ®¿þ¾î ȯ°æ¿¡¼­ÀÇ ³­¼ö¹ß»ý±â ÀâÀ½¿ø ¿£Æ®·ÎÇÇ °ËÁõ ¾Ë°í¸®Áò¡±(TTAK.KO-12.0306/R1)À» Àοë Ç¥ÁØÀ¸·Î Çϸç, Àοë Ç¥ÁØ¿¡ Á¦½ÃµÈ °ËÁõ ¾Ë°í¸®Áò°ú NIST SP800-90B¸¦ È°¿ëÇÏ¿© ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâÀÇ ÀâÀ½¿ø¿¡ ´ëÇÑ ½ÃÇèÆò°¡ ÀýÂ÷¿Í ±× Á¤·®ÀûÀÎ ±âÁØÀ» Á¦½ÃÇÑ´Ù. ÀÌ Ç¥ÁØ¿¡¼­´Â ÀâÀ½¿ø ½ÃÇèÆò°¡ ÀýÂ÷, ½ÃÇèÆò°¡ Ç׸ñ ¹× ±âÁØ°ú ¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâ¿¡¼­ ¼öÁýµÈ ÀâÀ½¿øÀ¸·Î ¾ÏÈ£ÇÐÀû ³­¼ö¹ß»ý±âÀÇ ½Ãµå¸¦ »ý¼ºÇÏ´Â °¡À̵带 Á¦½ÃÇÑ´Ù.
¿µ¹®³»¿ë¿ä¾à To ensure the security of cryptographic modules, random numbers used as encryption key, security parameters, nonce, etc. shall be securely generated by the cryptographic random number generator. The cryptographic random number generator is composed of two major steps, which are collecting data from noise sources and generating pseudorandom numbers. For the security evaluation of each step, it is necessary to verify the conformance test for the implementations of cryptographic algorithms used for generating pseudorandom numbers, and testing noise sources consists of statistical tests for randomness and entropy tests. Considering domestic trend of software-oriented encryption modules, this standard proposes the testing guideline and quantitative evaluation criteria using the algorithms described in the normative reference ¡°Entropy Evaluation Algorithms for Noise Sources in Software Environments(TTAK.KO-12.0306/R1)¡± and in NIST SP800-90B.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAK_[1].KO-12.0341_R1.pdf TTAK_[1].KO-12.0341_R1.pdf            

ÀÌÀü
µðÁöÅÐ º´¿ø Á¤º¸º¸È£ ¿ä±¸»çÇ×
´ÙÀ½
µ¶¼­ Àå¾ÖÀÎÀ» À§ÇÑ ÀüÀÚÃ¥ Á¢±Ù¼º °¡À̵å - Á¦1ºÎ: ÀúÀÛ Áöħ