[cryptography] [liberationtech] Random number generation being influenced - rumors

James A. Donald jamesd at echeque.com
Sat Sep 7 21:11:05 EDT 2013


On 2013-09-07 9:14 PM, Eugen Leitl wrote:
> That's the claimed design, yes.  I see no particular reason to believe
> that the hardware in my server implements the design.  I can't even test
> that the AES whitening does what it is documented to do, because Intel
> refused to provide access to the prewhitened input.

On-chip whitening is extremely suspicious behavior.  Since the need for
random numbers is low bandwidth, on-chip whitening is a waste of silicon.

Despite repeated requests, the decision to do whitening on-chip has
never been explained.
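The testability point raised above, shown as an added example that is not part of this thread: a conditioner hides the quality of the raw source from anyone who only sees its output, so a grossly biased raw bit stream fails a simple monobit test while the same bits after conditioning pass it. The biased source is constructed, and SHA-256 stands in for the AES-based conditioning the thread discusses; both are assumptions of this example.

```python
import hashlib
import math
import random


def biased_raw_bits(n_bits: int, p_one: float = 0.9, seed: int = 1) -> bytes:
    """Constructed stand-in for a defective raw entropy source: bits are 1 with
    probability p_one (default 90%), seeded so the run is reproducible."""
    rng = random.Random(seed)
    out = bytearray()
    for i in range(0, n_bits, 8):
        byte = 0
        for _ in range(8):
            byte = (byte << 1) | (1 if rng.random() < p_one else 0)
        out.append(byte)
    return bytes(out)


def condition(raw: bytes, block: int = 64) -> bytes:
    """Toy conditioner (assumption: SHA-256 over each 64-byte raw block instead
    of the AES-based construction the thread refers to). 512 raw bits in,
    256 output bits out, for each block."""
    out = bytearray()
    for i in range(0, len(raw) - block + 1, block):
        out += hashlib.sha256(raw[i:i + block]).digest()
    return bytes(out)


def monobit_z(data: bytes) -> float:
    """Monobit statistic |ones - zeros| / sqrt(n); roughly N(0,1) for unbiased
    bits, so values far above ~4 indicate a biased stream."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    return abs(2 * ones - n) / math.sqrt(n)


def looks_random(data: bytes, threshold: float = 4.0) -> bool:
    """True when the monobit test does not flag the data."""
    return monobit_z(data) < threshold


if __name__ == "__main__":
    raw = biased_raw_bits(65536)
    cond = condition(raw)
    print("raw source   z=%.1f  passes=%s" % (monobit_z(raw), looks_random(raw)))
    print("conditioned  z=%.1f  passes=%s" % (monobit_z(cond), looks_random(cond)))
```

The conditioned stream passes even though 90% of the raw bits were ones, which is exactly why output-only testing cannot confirm what the raw source feeding the conditioner is doing.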