Via puts RNGs on new processors
Ben Laurie
ben at algroup.co.uk
Wed Apr 9 15:26:13 EDT 2003
David Wagner wrote:
> Ian Grigg wrote:
>
>>My world view would be that there is no such
>>thing as an acceptable off-the-shelf RNG.
>
>
> Why not? You rely on an off-the-shelf CPU, don't you?
> The CPU must be trusted just as much as the RNG.
>
>
>>If one is relying on some commercially acceptable
>>rating, then one has also to ensure that the
>>entire distribution chain - how you got that
>>chip - is also safe. If there are such things
>>as "good" Via chips alongside "bad" Via chips,
>>how do we know that a bad chip wasn't substituted
>>in at the last moment?
>
>
> Do you worry about this for your CPU? If not, why should
> the RNG component of your CPU be any different?
It seems clear to me that its hard to subvert a general CPU such that it
does predictable damage to randomness. However, the same cannot be said
about a hardware RNG.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list