[cryptography] Intel RNG
marsh at extendedsubset.com
Fri Jun 22 17:55:12 EDT 2012
On 06/22/2012 04:42 PM, Kevin W. Wall wrote:
> You wrote "going to DIFFERENT consumers". I am interpreting that as
> different processes, but I don't see how a CPU instruction like RdRand
> or anything else is going to be process or thread or <insert your favorite
> security context here> aware. If you would have omitted the "different",
> then it would have made sense.
> So am I just reading too much into your statement and you didn't really
> mean "*different* consumers" or am I simply not understanding what
> you meant? If the latter, if you could kindly explain.
I did mean different consumers :-)
Since we were talking about how/if releasing unconditioned entropy
samples (e.g. through a different instruction) affects the security of
the conditioned RdRand output.
So the two consumers might be the unconditioned sample output and the
conditioner input. Or we might also consider every unconditioned read
operation as being a separate consumer.
Alternatively, maybe the raw oscillator without AES would be small
enough to just give one to every core.