Ȩ > ÀڷḶ´ç > ÀÚ·á°Ë»ö > Ç¥ÁØ
ÀÚ·á °Ë»ö°á°ú
| Ç¥ÁØÁ¾·ù | Á¤º¸Åë½Å´ÜüǥÁØ(TTAS) | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Ç¥ÁعøÈ£ | TTAK.KO-12.0235/R2 | ±¸ Ç¥ÁعøÈ£ | |||||||||||||||||||||||||||||
| Á¦°³Á¤ÀÏ | 2020-12-10 | ÃÑ ÆäÀÌÁö | 46 | ||||||||||||||||||||||||||||
| ÇÑ±Û Ç¥Áظí | ¿î¿µÃ¼Á¦º° ÀâÀ½¿ø ¼öÁý ¹× ÀÀ¿ë Áöħ | ||||||||||||||||||||||||||||||
| ¿µ¹® Ç¥Áظí | Guideline for the Collection and Application of Noise Sources on Operating Systems | ||||||||||||||||||||||||||||||
| ÇÑ±Û ³»¿ë¿ä¾à | ³¼ö´Â ±â¹Ð¼º, ÀÎÁõ, Á¢±ÙÅëÁ¦, ºÎÀιæÁö µî ¾ÏÈ£ÀÇ ¾ÈÀüÇÑ »ç¿ëÀ» À§ÇØ ²À ÇÊ¿äÇÑ ¿ä¼ÒÀÌ´Ù. µû¶ó¼ ³¼ö¹ß»ý±â´Â ¾ÈÀüÇÏ°Ô ¼³°èµÇ¾î¾ß Çϸç, À̸¦ À§ÇØ ÀϹÝÀûÀ¸·Î °áÁ¤·ÐÀû ³¼ö¹ß»ý±â¸¦ »ç¿ëÇÑ´Ù. °áÁ¤·ÐÀû ³¼ö¹ß»ý±â ³í¸®¸¦ ¾ÈÀüÇÑ Ç¥ÁØÀÇ °ÍÀ¸·Î »ç¿ëÇÒ °æ¿ì, ÀÌ ³¼ö¹ß»ý±âÀÇ ¾ÈÀü¼ºÀº ½Ãµå ±¸¼º¿¡ »ç¿ëµÇ´Â ¿£Æ®·ÎÇÇ ¼Ò½ºÀÇ µ¿ÀÛ¿¡ ÀÇÁ¸ÇÏ°í ¿£Æ®·ÎÇÇ ¼Ò½º´Â ÀâÀ½¿øÀ» ÅëÇØ ±¸¼ºµÇ¹Ç·Î ¾ÏÈ£ÀÀ¿ë¿¡¼ ÀâÀ½¿øÀÇ ¾ÈÀü¼ºÀº ¸Å¿ì Áß¿äÇÏ´Ù.
ÀÌ Ç¥ÁØÀº À©µµÁî, ¸®´ª½º, ¾Èµå·ÎÀ̵å, iOS µî ¿î¿µÃ¼Á¦¿¡ µû¶ó ÀâÀ½¿øÀ» ¼öÁýÇÏ´Â ¹æ¹ý ¹× ¿î¿µÃ¼Á¦¿¡¼ È£ÃâÇÒ ¼ö ÀÖ´Â Àü»ê±âÀÇ CPU¿¡¼ Á¦°øÇÏ´Â ÀâÀ½¿øÀÇ ¼öÁý ¹æ¹ýÀ» ±â¼úÇÑ´Ù. ¿î¿µÃ¼Á¦¿¡¼ ¼öÁýÇÒ ¼ö ÀÖ´Â ÀâÀ½¿øÀº À̺¥Æ®°¡ ¹ß»ýµÉ ¶§¸¶´Ù º¯°æµÇ´Â ¸¶¿ì½º Á¤º¸, Å°º¸µå Á¤º¸, µð½ºÅ© Á¤º¸, ½Ã°£ Á¤º¸, ÀÎÅÍ·´Æ® ¿äû Á¤º¸ µîÀÌ Æ÷Ç﵃ ¼ö ÀÖÀ¸¸ç, ¿î¿µÃ¼Á¦¿¡¼ ¼öÁýÇÑ ÀâÀ½¿øÀÇ ¿£Æ®·ÎÇÇ°¡ ºÎÁ·ÇÒ °æ¿ì µ¶¸³µÈ Çϵå¿þ¾î·Î ±¸ÇöµÈ ÀâÀ½¿øÀ¸·ÎºÎÅÍ Ãß°¡ÀûÀÎ ÀâÀ½¿øÀ» ¼öÁýÇÒ ¼ö ÀÖ´Ù. ÀÌ Ç¥ÁØÀº ÀâÀ½¿øÀ» ÅëÇØ ¾ÈÀüÇÑ ½Ãµå¸¦ ±¸¼ºÇϱâ À§ÇÑ Áöħ°ú ÀâÀ½¿ø ÀÀ¿ë ½Ã ÁÖÀÇ »çÇ×À» ±â¼úÇÑ´Ù. ÀÌ Ç¥ÁØ¿¡ ¸í½ÃµÈ ÁÖ¿ä ÀâÀ½¿ø¿¡ ´ëÇÑ ¿£Æ®·ÎÇÇ Æò°¡°á°ú´Â ºÎ·Ï¿¡ ¼ö·ÏµÇ¾î ÀÖ´Ù. Æò°¡¹æ¹ýÀ¸·Î½á TTAK.KO-12.0341/R1 ¡°¼ÒÇÁÆ®¿þ¾î ¾ÏÈ£¸ðµâ¿¡ »ç¿ëµÇ´Â ÀâÀ½¿ø ½ÃÇèÆò°¡ Áöħ¡±°ú ¹Ì±¹ NIST°¡ ¹ßÇàÇÑ SP800-90B¸¦ È°¿ëÇÏ¿´À¸¸ç ÀÌ Ç¥ÁØÀÇ Àû¿ë ¹üÀ§¿¡´Â ÇØ´çÇÏÁö ¾Ê´Â´Ù. |
||||||||||||||||||||||||||||||
| ¿µ¹® ³»¿ë¿ä¾à |
Random number is an essential factor to use the service of the confidentiality, the authentication, the non-repudiation, etc. securely in cryptography area. Therefore the random bit generator has to be designed securely. Generally DRBG(Deterministic Random Bit Generator) may be used in order to meet the requirement. If it is assumed that the DRBG(Deterministic Random Bit Generator) is implemented according to the standard which supports secure algorithms, the security of the noise sources are very important, as the security of the DRBG depends on the entropy source that is composed of the seed of random bit generator.
This document describes the method how to collect the noise sources in Operating Systems such as Linux OS, Windows OS, Android OS, iOS, etc. and the hardware noise sources which are provided in the CPU chip of the computer. Generally the noise sources in Operating System may be mouse information, keyboard information, interrupt request information, disk information, or time information, etc. changed whenever system events happen. If the output from the noise sources which are collected in Operating Systems doesn¡¯t have enough the required entropy, additionally we can collect the output from the noise sources which are implemented with a hardware device. This document describes guideline for using securely the collected noise sources in the application environment and gives their application note. The results of the entropy assessment for several noise sources that are specified in this document are written in Annex. The test methods, TTAK.KO-12.0341/R1 which title is ¡°Guidelines for testing noise sources used in software cryptographic modules¡° and SP 800-90B which has been published by the U.S NIST, are referred but are not covered by this document. |
||||||||||||||||||||||||||||||
| °ü·Ã IPR È®¾à¼ | Á¢¼öµÈ IPR È®¾à¼ ¾øÀ½ | ||||||||||||||||||||||||||||||
| °ü·ÃÆÄÀÏ |
 TTAK.KO-12.0235_R2.pdf
|
||||||||||||||||||||||||||||||
| Ç¥ÁØÀÌ·Â |
|
||||||||||||||||||||||||||||||
