[cryptography] Random number generation influenced, HW RNG

Thor Lancelot Simon tls at panix.com
Sat Sep 7 23:25:58 EDT 2013


On Sun, Sep 08, 2013 at 08:34:53AM +1000, James A. Donald wrote:
> 
> Well, since you personally did this, would you care to explain the
> very strange design decision to whiten the numbers on chip, and not
> provide direct access to the raw unwhitened output.

You know as soon as anyone complained about this, they turned around
and provided access to the unwhitened output in the next major version
of the same product family, right?

> A decision that even assuming the utmost virtue on the part of the
> designers, leaves open the possibility of malfunctions going
> undetected.

And one that echoes what about 50% of the other people who have built
hardware random number generators also made.

> That is a question a great many people have asked, and we have not
> received any answers.

No answers aside from Intel actually providing exactly what you asked
for, next chance they got.

> Access to the raw output would have made it possible to determine
> that the random numbers were in fact generated by the physical
> process described, since it is hard and would cost a lot of silicon
> to simulate the various subtle offwhite characteristics of a well
> described actual physical process.

I am extremely skeptical of this claim.

Thor


More information about the cryptography mailing list