There are two fundamentally different strategies for generating random bits. One strategy is to
produce bits non-deterministically, where every bit of output is based on a physical process that is
unpredictable; this class of random bit generators (RBGs) is commonly known as non-deterministic
random bit generators (NRBGs)1. The other strategy is to compute bits deterministically using an
algorithm; this class of RBGs is known as Deterministic Random Bit Generators (DRBGs)2.
A DRBG is based on a DRBG mechanism as specified in this Recommendation and includes a
source of randomness. A DRBG mechanism uses an algorithm (i.e., a DRBG algorithm) that
produces a sequence of bits from an initial value that is determined by a seed that is determined
from the output of the randomness source. Once the seed is provided and the initial value is
determined, the DRBG is said to be instantiated and may be used to produce output. Because of
the deterministic nature of the process, a DRBG is said to produce pseudorandom bits, rather than
random bits. The seed used to instantiate the DRBG must contain sufficient entropy to provide an
assurance of randomness. If the seed is kept secret, and the algorithm is well designed, the bits
output by the DRBG will be unpredictable, up to the instantiated security strength of the DRBG.
The security provided by an RBG that uses a DRBG mechanism is a system implementation
issue; both the DRBG mechanism and its randomness source must be considered when
determining whether the RBG is appropriate for use by consuming applications.
1 NRBGs have also been called True Random Number (or Bit) Generators or Hardware Random Number Generators.
2 DRBGS have also been called Pseudorandom Number (or Bit) Generators.