Toshiba shows 2Mbps hardware RNG

alex at alten.org
Wed Feb 13 23:38:49 EST 2008


> ----- Original Message -----
> From: "Pat Farrell" <pfarrell at pfarrell.com>
> To: 
> Subject: Re: Toshiba shows 2Mbps hardware RNG
> Date: Sun, 10 Feb 2008 17:40:19 -0500
> 
> 
> Perry E. Metzger wrote:
> > pgut001 at cs.auckland.ac.nz (Peter Gutmann) writes:
> >> I've always wondered why RNG speed is such a big deal for anything but a few
> >> highly specialised applications.
> >
> > Perhaps it isn't, but any hardware RNG is probably better than none
> > for many apps, and they've managed to put the whole thing in a quite
> > small bit of silicon. The speed is probably icing on the cake.
> 
> One of the benefits of speed is that you can use cleanup code to 
> control bias. Carl Ellison put some out on his website last century.
> 
> 

It is a HUGE win for designing a crypto system to have a really 
fast (and good) HW RNG. Being able to generate 10-20,000 AES keys
per second means that you can engineer things that were impossible
to do otherwise.  You can generate as many keys as you like, throw
away keys after one time use, treat them as ephemeral authentication
keys (say give a few million or so to a user), etc. Or you could 
hand a sender 10 MBytes (less than a minute to generate), which then
can be used to create billions of keys (say using Ueli Maurer's 
Bounded Storage Model).  The sender could then use each key to 
uniquely encrypt (AES CTR) each message of a series of messages or
packets to a receiver (AES key setup is fast). No need for an IV or 
worrying about message ordering (each one has a key id), or even the
compromise of a key or two.

Randomness is the most fundamental underpinning of a crypto system
and having lots of it on demand is really fabulous to have in our 
system security design tool box.

- Alex
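
The key-pool idea in the message above, as an added example that is not part of the original post or the poster's own design. It assumes `secrets.token_bytes` stands in for the hardware RNG output, that the key id is public while the pool is the shared secret, and a simplified sampling-and-hash derivation chosen here (not Maurer's construction); all names and the `SAMPLES` parameter are hypothetical. AES-CTR itself is left to a vetted library. The sketch covers key selection and the one-use-per-key-id rule that running CTR without an IV depends on.

```python
import hashlib
import secrets

POOL_BYTES = 10 * 1024 * 1024   # the "10 MBytes" handed to the sender
KEY_BYTES = 16                  # AES-128 key size
SAMPLES = 8                     # pool windows mixed into each key (assumed parameter)


def derive_key(pool: bytes, key_id: int) -> bytes:
    """Map a public 64-bit key id to a key by sampling the secret pool."""
    if not 0 <= key_id < 2**64:
        raise ValueError("key id must fit in 64 bits")
    id_bytes = key_id.to_bytes(8, "big")
    mixer = hashlib.sha256(b"pool-key-v1" + id_bytes)
    span = len(pool) - KEY_BYTES + 1
    for i in range(SAMPLES):
        # Public, deterministic choice of window offsets from the key id.
        digest = hashlib.sha256(id_bytes + bytes([i])).digest()
        offset = int.from_bytes(digest[:8], "big") % span
        mixer.update(pool[offset:offset + KEY_BYTES])
    return mixer.digest()[:KEY_BYTES]


class Sender:
    """Hands out each key id exactly once."""
    def __init__(self, pool: bytes):
        self._pool = pool
        self._next_id = 0

    def next_key(self):
        key_id = self._next_id
        self._next_id += 1
        return key_id, derive_key(self._pool, key_id)


class Receiver:
    """Accepts messages in any order but refuses a key id seen before."""
    def __init__(self, pool: bytes):
        self._pool = pool
        self._seen = set()

    def key_for(self, key_id: int) -> bytes:
        if key_id in self._seen:
            # Same key with no IV in CTR mode would repeat the keystream.
            raise ValueError(f"key id {key_id} already used")
        self._seen.add(key_id)
        return derive_key(self._pool, key_id)
```

Each key reads only `SAMPLES` short windows of the pool, so derivation cost does not grow with pool size, and the hash keeps a disclosed key from exposing the pool bytes it was built from.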


 


---------------------------------------------------------------------
The Cryptography Mailing List