On Mon, Feb 20, 2006 at 04:45:09PM -0500, Thor Lancelot Simon wrote:
> 
> That depends what level you're certifying to.  At level 4, IIRC, periodic
> statistical tests are required (which is why the standard specifies a
> particular battery of statistical RNG tests).
> 


section 4.9.1, FIPS140-2 says level 4 only requires statistical random
number generator tests on power up (reset/reboot/power on).  Doesn't
mean you cannot do them at lower levels but they are not mandated.

Even just doing the monobit test would catch the most egregious
errors.

-- 
Brett Lymn