Bouncy Castle Jentropy Engine Achieves NIST ESV Certification

We are excited to share that the Bouncy Castle Jentropy Engine has officially received Entropy Source Validation (ESV) certification from NIST!

View the certificate on the NIST website

What is the Jentropy Engine?

The Jentropy Engine is a Java provider with a single DRBG-based SecureRandom and supports real entropy for seed generation. This is achieved by wrapping Stephan Müller’s JENT library to provide the entropy. The certification confirms that Jentropy meets strict NIST standards for secure and reliable entropy generation.

Get it today

The Bouncy Castle Jentropy Engine is developed and tested on the Linux operating system and support is provided for both ARM64 and Intel X86-64 architectures. The provider should be usable on JVMs from Java 8 up.

Download from Maven

Why ESV Matters for Common Criteria

In Common Criteria (CC) evaluations, especially under protection profiles like NDcPP or CAPP, a cryptographically strong entropy source is often a mandatory requirement.

The Jentropy Engine’s ESV certification offers a recognized assurance path for meeting these requirements.

If you are building a Common Criteria-evaluated product with Java and Bouncy Castle, an ESV-certified entropy source:

• Strengthens your security assurance claims
• Reduces evaluation complexity
• Helps avoid delays or rework in CC certification processes

Who Should Care?

• Security Architects and Cryptographers building secure Java systems
• Compliance and Risk teams needing an ESV-certified entropy source and targeting FIPS 140-2/3 or Common Criteria
• Product teams and vendors operating in regulated industries (government, finance, healthcare, etc.)
• Partners and customers relying on validated, standards-aligned crypto libraries

Why This Milestone Matters

With ESV certification, the Jentropy Engine is now approved for use as a trusted entropy source in FIPS-certified Java environments, aligning with the highest standards for cryptographic assurance.

This reinforces Bouncy Castle’s commitment to delivering secure, compliant, and open-source cryptographic tools for developers and security professionals worldwide.