Use of TPM chip for RNG?

Thor Lancelot Simon tls at rek.tjls.com
Tue Jul 4 17:49:25 EDT 2006


On Mon, Jul 03, 2006 at 10:41:05AM -0600, Anne & Lynn Wheeler wrote:
> 
> however, at least some of the TPM chips have RNGs that have some level 
> of certification (although you might have to do some investigation to 
> find out what specific chip is being used for TPM).

See one of the examples in my other message today in this thread (subject
changed as an aid to new readers) for an example of why you should *not*
trust such certifications as evidence that the RNG is any good.

Summary: I have encountered one such RNG that was FIPS-140 certified as
a Deterministic RNG but whose "hardware" inputs the vendor refused to
disclose, which I find extremely suspicious.  It is possible to get a
DRNG certified without careful analysis of what its input is; I have
personally seen this happen and heard of more instances even after NIST
gave specific guidance to the contrary.

-- 
  Thor Lancelot Simon	                                     tls at rek.tjls.com

  "We cannot usually in social life pursue a single value or a single moral
   aim, untroubled by the need to compromise with others."      - H.L.A. Hart
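As an added illustration of the point made above (constructed example code, not from this thread, NIST or any vendor): a simplified HMAC-based DRBG whose "hardware" seed carries only 16 bits of entropy passes the SP 800-22 monobit test, yet its entire output is reproduced by enumerating that seed space, which is exactly the question a certificate for the deterministic algorithm alone does not answer. The 16-bit seed width and the simplified DRBG construction are assumptions.

```python
"""Constructed demo: sound DRBG algorithm, 'hardware' seed with only 16 bits of entropy."""
import hashlib
import hmac
import math

SEED_BITS = 16  # assumed entropy of the undisclosed "hardware" input

def _hmac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def _update(k: bytes, v: bytes, data: bytes) -> tuple:
    """Simplified HMAC_DRBG update (SP 800-90A style, not a certified implementation)."""
    k = _hmac(k, v + b"\x00" + data)
    v = _hmac(k, v)
    if data:
        k = _hmac(k, v + b"\x01" + data)
        v = _hmac(k, v)
    return k, v

def drbg_output(seed: bytes, nbytes: int) -> bytes:
    """Instantiate the DRBG from `seed` and generate `nbytes` of output."""
    k, v = _update(b"\x00" * 32, b"\x01" * 32, seed)
    out = b""
    while len(out) < nbytes:
        v = _hmac(k, v)  # each output block is HMAC(K, V) with V chained forward
        out += v
    return out[:nbytes]

def monobit_pass(data: bytes) -> bool:
    """SP 800-22 frequency (monobit) test at the conventional 0.01 significance level."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s_obs = abs(2 * ones - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2)) >= 0.01

def seed_recoverable(observed: bytes, seed_bits: int = SEED_BITS) -> int:
    """Auditor's check: does enumerating the claimed seed space reproduce `observed`?
    Returns the matching seed, or -1 if the seed space really is too large to walk."""
    width = (seed_bits + 7) // 8
    for cand in range(1 << seed_bits):
        if drbg_output(cand.to_bytes(width, "big"), len(observed)) == observed:
            return cand
    return -1

if __name__ == "__main__":
    stream = drbg_output((0x1337).to_bytes(2, "big"), 2048)  # constructed seed value
    print("monobit passes:", monobit_pass(stream))
    print("seed recovered:", hex(seed_recoverable(stream[:32])))
```

The statistical test sees nothing wrong because the algorithm is fine; only knowledge of the seed source's entropy tells you whether the output is predictable.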

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com