[cryptography] Intel RNG

James A. Donald jamesd at echeque.com
Tue Jun 19 23:32:57 EDT 2012


On 2012-06-19 9:07 AM, dj at deadhat.com wrote:
> It does tell you that if it is your chip and you don't let
> someone else pull the lid off, scrape off the passivation and apply a pico
> probe to it, it will certainly provide you with good random numbers
> regardless of the FIPS mode.

I don't know that.  Intel might have screwed up deliberately or 
unintentionally, or my particular chip might fail in a way that produces 
numbers that are non random, but, due to whitening, are non random in a 
way that only some people know how to detect

If intel told me how it worked, and provided low level access to raw 
unwhitened output, I could find pretty good evidence that the low level 
randomness generator was working as described, and perfect evidence that 
the whitener was working as described.  Certification does not tell me 
anything much.



More information about the cryptography mailing list