Security Analysis of DRBG Using HMAC in NIST SP 800-90

  • Shoichi Hirose
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5379)


HMAC_DRBG is a deterministic random bit generator using HMAC specified in NIST SP 800-90. The document claims that HMAC_DRBG is a pseudorandom bit generator if HMAC is a pseudorandom function. However, no proof is given in the document. This article provides a security analysis of HMAC_DRBG and confirms the claim.


Keywords: NIST SP 800-90, pseudorandom bit generator, HMAC, pseudorandom function





Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Shoichi Hirose, Graduate School of Engineering, University of Fukui, Japan
