Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Discussion on the Full Entropy Assumption of the SP 800-90 Series



Darryl Buller, Aaron Kaufer, Allen Roginsky, Meltem Sonmez Turan


The NIST SP 800-90 series [1][2][3] supports the generation of high-quality random bits for cryptographic and non-cryptographic use. The security strength of a random number generator depends on the unpredictability of its outputs. This unpredictability can be measured in terms of entropy, which the NIST SP 800-90 series measures using min-entropy. A full-entropy bitstring has an amount of entropy equal to its length. Full-entropy bitstrings are important for cryptographic applications, as these bitstrings have ideal randomness properties and may be used for any cryptographic purpose. Due to the difficulty of generating and testing full-entropy bitstrings, the SP 800-90 series assumes that a bitstring has full entropy if the amount of entropy per bit is at least 1 - ε, where ε is at most 2^-32}. This report provides a justification for the selection of this value of ε.
NIST Interagency/Internal Report (NISTIR) - 8427
Report Number


entropy, min-entropy, random number generation


Buller, D. , Kaufer, A. , Roginsky, A. and Sonmez Turan, M. (2023), Discussion on the Full Entropy Assumption of the SP 800-90 Series, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed May 26, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created April 14, 2023