Security Analysis of NIST CTR-DRBG

Viet Tung Hoang and Yaobin Shen

Abstract: We study the security of $\mathsf{CTR\text{-}DRBG}$, one of NIST's recommended Pseudorandom Number Generator (PRNG) designs. Recently, Woodage and Shumow (Eurocrypt'19), and then Cohney et al. (S&P'20), pointed out some potential vulnerabilities in both the NIST specification and common implementations of $\mathsf{CTR\text{-}DRBG}$. While these researchers do suggest countermeasures, the security of the patched $\mathsf{CTR\text{-}DRBG}$ remains unproven. Our work fills this gap, proving that $\mathsf{CTR\text{-}DRBG}$ satisfies the robustness notion of Dodis et al. (CCS'13), the standard security goal for PRNGs.

Category / Keywords: secret-key cryptography / provable security, PRNGs with input, NIST standard

Original Publication (with major differences): IACR-CRYPTO-2020

Date: received 26 May 2020

Contact author: yb_shen at sjtu edu cn

Note: This is the full version of our paper.

Version: 20200526:174315

