using SRAM state as a source of randomness

Joachim Strömbergson Joachim at
Sun Sep 16 11:22:04 EDT 2007


Peter Gutmann skrev:
> The worst case is a change in the environment or manufacturing process, which
> typically occurs without the end user even knowing about it.  You simply can't
> guarantee anything about RAM state as an RNG source, you'd have to prove a
> negative (no change in manufacturing technology or the environment will affect
> the quality of the source) in order to succeed.  It's like the thread-timing-
> based RNGs, you can never prove that some current variation of or future
> change to the scheduler won't result in totally predictable "random" numbers.

One could add test functionality that checks the randomness of the 
initial SRAM state after power on. But somehow I don't think a good test 
suite and extremely low cost devices (for example RFID chips) are very 
compatible concepts.

Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
Kryptoblog - IT-säkerhet på svenska

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list