[cryptography] [liberationtech] Random number generation being influenced - rumors

David Johnston dj at deadhat.com
Mon Sep 9 11:11:16 EDT 2013


On 9/9/2013 5:12 AM, James A. Donald wrote:
> On 2013-09-09 3:18 PM, Greg Rose wrote:
>> I actually hate to point this out, but having access to something 
>> that "looks like" a raw entropy source proves nothing.
>
> A genuine hardware noise source will show colored noise, which is very 
> hard to simulate in software, and especially hard to simulate at any 
> reasonable speed.
It's not 'very hard'. Just suppress long strings a bit.
>
> If the entropy source is real, it will show its analog characteristics 
> leaking into the digital abstraction. The correlations and anti 
> correlations between nearby bits will reflect the analog values of the 
> circuit, thus no two chips will show quite the same correlations, and 
> the correlations will vary with temperature and overclocking. These 
> analog variations would be compelling evidence that the entropy source 
> is the claimed circuit or something very like the claimed circuit.
Just because the entropy source is real doesn't mean it's feeding the 
conditioner.
>
> Any Intel misconduct would show up in the color of the noise, it being 
> very hard to create a digital pseudo noise source that displays subtly 
> varying color at high speed, while hardware true random noise sources 
> almost unavoidably display subtly varying noise color.)
So this is both wrong and moot.



More information about the cryptography mailing list