Abstract: We show that the FIPS 140-2 test suite does not have unique significance level although the NIST document says that the significance level of the FIPS 140-2 test suite has unique significance level . We also show that the runs test of the FIPS 140-2 test suite has inappropriate significance levels for the checking of the success rate which are used in the NIST test suite. The probability distributions of the runs of length 4 and length 5 are asymmetric and thus non-Gaussian so that the success rates cannot converge to the significance levels if we use the same criterion. The resetting of the explicit bounds is needed for the correct evaluation.
It is well known that the NIST statistical test suite was used for the evaluation of AES candidate algorithms. We have found that the test setting of Discrete Fourier Transform test and Lempe l-Ziv test of this test suite are wrong. We give four corrections of mistakes in the test settings. This suggests that re-evaluation of the test results should be needed.
Seminarsko predavanje bo ponedeljek 14. junija 2004 ob 15:15 v seminarski sobi CAMTP, Krekova 2, pritlicje. Vljudno vabljeni vsi zainteresirani, tudi študenti.