[cryptography] Random number generation influenced, HW RNG

David Johnston dj at deadhat.com
Sat Sep 7 13:48:02 EDT 2013

On 9/6/2013 2:03 PM, grarpamp wrote:
>>> Does anyone put any stock into the rumors floating lately that the
>>> government may have influenced Intel and/or AMD into altering
>> However, I claim that the fear is well founded and should be taken into
>> account by all threat models.
It is interesting to consider the possibilities of corruption and deception 
that may exist in product design. It's a lot more alarming when it's 
your own design that is being accused of having been backdoored. 
Claiming the NSA colluded with Intel to backdoor RdRand is also to 
accuse me personally of having colluded with the NSA in producing a 
subverted design. I did not.

A quick googling revealed many such instances of statements to this 
effect, strewn across the internet, based on inferences from the Snowden 
leaks and resulting Guardian and NYT articles.

I personally know it not to be true and from my perspective, the effort 
we went to improve computer security by making secure random numbers 
available and ubiquitous in a low attack-surface model is now being 
undermined by speculation that would lead people to use less available, 
less secure RNGs. This I expect would serve the needs of the NSA well.

