Via puts RNGs on new processors

Ben Laurie ben at
Wed Apr 9 15:26:13 EDT 2003

David Wagner wrote:
> Ian Grigg  wrote:
>>My world view would be that there is no such
>>thing as an acceptable off-the-shelf RNG.
> Why not?  You rely on an off-the-shelf CPU, don't you?
> The CPU must be trusted just as much as the RNG.
>>If one is relying on some commercially acceptable
>>rating, then one has also to ensure that the
>>entire distribution chain - how you got that
>>chip - is also safe.  If there are such things
>>as "good" Via chips alongside "bad" Via chips,
>>how do we know that a bad chip wasn't substituted
>>in at the last moment?
> Do you worry about this for your CPU?  If not, why should
> the RNG component of your CPU be any different?

It seems clear to me that its hard to subvert a general CPU such that it 
does predictable damage to randomness. However, the same cannot be said 
about a hardware RNG.




"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list