[cryptography] Intel RNG
James A. Donald
jamesd at echeque.com
Tue Jun 19 20:13:22 EDT 2012
On 2012-06-19 4:51 AM, Matthew Green wrote:
> 1. Private evaluation report (budgeted to, say, 200 hours)
> probabilistically identifies N serious vulnerabilities. We
> all know that another 200 hours could turn up N more. In
> fact, the code may be riddled with errors. Original N
> vulnerabilities are patched. What should the public report
> say? Technically the vulnerabilities are all 'fixed'.
If the public report says what it should say, lots of people will be
So, what happens if the public report sounds like it is saying that the
product is fine, but in fact the product is crap, and disaster ensues?
Answer: Absolutely nothing. Example: Wifi security, which somehow
always uses fine methods in "unusual" ways. The same people who brought
you yesterday's failed Wifi security bring you today's.
To summarize: Our mechanisms for social verification of truth are
broken, and are getting more broken. Social verification tends to scale
badly. They have never worked well, and are now working worse than ever.
Nullius in verba: Take nobody's word for it
This is the general problem with audits of all kinds, not just security
audits. It is often not only impossible to punish the irresponsible,
but even to identify them.
Thus security source code simply has to be available, and that security
hardware is what it claims to be has to be verifiable - which is why
Intel should have made it possible to read the raw unwhitened output of
its true randomness generator.
And now I am once again going somewhat off topic on how our social
verification mechanisms are completely broken - indeed it is very hard
to make social verification work.
For example the Challenger inquiry found that some people had signed off
both on reports that the space shuttle was going to explode, and also
reports that it was good to go. But the culture was blamed, not any
specific identifiable people.
For example, try identifying who made, and who received, the dud loans
that are at the root of the current financial crisis, and who commanded
them to be made. It is mysteriously difficult to do so.
For example the crisis at MF Global is everywhere described as a
"liquidity" crisis. It was in fact a solvency crisis. Jon Corzine
pissed away MF Global's assets on politically correct financial
investments, and then kept the place operating for some time in a state
of insolvency by borrowing from customer funds, but everyone continues
to pretend that MF Global was solvent until it was not, because
according to Sarbanes-Oxley accounting standards, it was solvent until
it was not, presaging an outcome in which no one gets punished.
For example JPM realized it was receiving stolen funds from MF Global.
There is a large audit trail of incriminating documents as the people at
JPM wrestle with their consciences. After generating a large pile of
highly incriminating paper, they win and their consciences lose. This
will probably result in a civil lawsuit against JPM, for acting as a
fence, but no criminal penalties, nor personal loss of jobs. Even
though the trail of documents reveals that an ever increasing number of
people connected to MF Global knew that MF Global was acting in a
criminal manner, making them accessories after the fact, it still looks
as though few, possibly no one, is going to see jail time.
And of course, there are the Climategate files, but to go into any
details on that can of worms would really take us right off topic.
Since the widespread introduction of peer review in the 1940s, instead
of the experimenter telling the scientific community what he observes,
the scientific community tells the experimenter what he observes. The
data cookery revealed by Climategate files is, arguably, business as
usual. The defense was "everyone is doing it, that is the way Official
Science is actually done", which defense is, alas, entirely true. Peer
Review was the abandonment of the principle of Nullius in Verba.
Instead of taking no one's word for it, we take the word of a secretive
and anonymous panel of referees, resulting in an ever escalating pile of
To make social verification work, people have to be punished for being
untruthful, dishonest, and failing in their duty, or at least abruptly
and irrevocably thrown out of the social verification network for the
slightest infraction. Which is not nice.
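An added illustration of the point made above about reading the raw, unwhitened output (this is example code written for this page; it is not part of James A. Donald's post and does not model Intel's actual conditioner). It feeds two constructed raw sources, a coin biased to 70% ones and a plain 32-bit counter with essentially no entropy, through a stand-in SHA-256 whitener, then runs the SP 800-22 frequency (monobit) statistic and a simplified most-common-value min-entropy estimate on both the raw and the whitened streams. The bias value, the counter, the 512-bit block size and the choice of SHA-256 as the whitener are all assumptions made for the demonstration.

```python
"""
Why verifying a hardware RNG needs its raw output: a whitener (here SHA-256,
a stand-in for the real hardware conditioner, not Intel's design) makes a
badly biased or even deterministic source look perfect to statistical tests,
so tests run on whitened output alone say almost nothing about the source.
"""
import hashlib
import math
import random

BLOCK_BITS = 512  # assumed input block size fed to the stand-in whitener


def biased_source(n_bits: int, p_one: float, seed: int = 1) -> list[int]:
    """Constructed raw source: independent bits with P(bit == 1) = p_one."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n_bits)]


def counter_source(n_bits: int) -> list[int]:
    """Constructed 'dead' source: successive 32-bit counter values (no entropy)."""
    bits = []
    value = 0
    while len(bits) < n_bits:
        bits.extend((value >> (31 - i)) & 1 for i in range(32))
        value += 1
    return bits[:n_bits]


def whiten(bits: list[int]) -> list[int]:
    """Stand-in conditioner: hash each 512-bit input block to 256 output bits.
    Any full-entropy-looking output from this function tells you nothing about
    how much entropy the input block actually carried."""
    out = []
    for start in range(0, len(bits) - BLOCK_BITS + 1, BLOCK_BITS):
        block = bits[start:start + BLOCK_BITS]
        raw = int("".join(map(str, block)), 2).to_bytes(BLOCK_BITS // 8, "big")
        digest = hashlib.sha256(raw).digest()
        out.extend((byte >> (7 - i)) & 1 for byte in digest for i in range(8))
    return out


def monobit_z(bits: list[int]) -> float:
    """SP 800-22 frequency (monobit) statistic S / sqrt(n); roughly N(0,1) for an
    unbiased source, so |z| of several units is a clear failure."""
    s = sum(2 * b - 1 for b in bits)
    return s / math.sqrt(len(bits))


def min_entropy_per_bit(bits: list[int]) -> float:
    """Simplified most-common-value estimate -log2(max(p0, p1)); SP 800-90B adds
    a confidence-interval correction that is omitted here."""
    p_one = sum(bits) / len(bits)
    return -math.log2(max(p_one, 1 - p_one))


def assess(bits: list[int]) -> dict:
    """Summarise one bit stream with the two statistics above."""
    return {
        "ones_fraction": sum(bits) / len(bits),
        "monobit_z": monobit_z(bits),
        "min_entropy": min_entropy_per_bit(bits),
    }


def compare_sources(n_bits: int = 1 << 14) -> dict:
    """Assess raw versus whitened output for both constructed sources."""
    results = {}
    for name, raw in (("biased_0.7", biased_source(n_bits, 0.7)),
                      ("counter", counter_source(n_bits))):
        results[name] = {"raw": assess(raw), "whitened": assess(whiten(raw))}
    return results


if __name__ == "__main__":
    for name, r in compare_sources().items():
        for stage in ("raw", "whitened"):
            a = r[stage]
            print(f"{name:12s} {stage:9s} ones={a['ones_fraction']:.3f} "
                  f"z={a['monobit_z']:+8.2f} Hmin={a['min_entropy']:.3f} bits/bit")
```

Run stand-alone, the raw biased stream fails the monobit test by a wide margin and the raw counter fails it even more badly, while the whitened output of both lands within a few standard deviations of zero with a min-entropy estimate near one bit per bit. That is exactly why an auditor who can only see conditioned output cannot tell a healthy entropy source from a broken one, and why access to the raw stream (plus the health tests applied to it) is what makes the hardware's claim checkable.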