Intel to also add RNG

Paul Wouters paul at xelerance.com
Mon Jul 12 15:37:45 EDT 2010


On Mon, 12 Jul 2010, Eric Murray wrote:

> Then there's FIPS- current 140 doesn't have a provision for HW RNG.
> They certify software RNG only, presumably because proving a HW RNG to be
> random enough is very difficult. So what's probably the primary market
> (companies who want to meet FIPS) isn't available.

So you can do HWRNG -> SWRNG -> Fips ?

Which is what you should do anyway, in case of a hardware failure. I
know the Linux intel-rng and amd-rng used to produce nice series of
zeros. The padlock rng has never produced warnings piping it through
rngd.

> So while I think it'd be great to have a decent RNG on chip
> (no more blocking on /dev/random!) I don't see it being much of
> a market advantage and would not be surprised if it never makes it in
> to a shipping product.

With every phone doing crypto these days, I'd think you are wrong. Also,
the VIA PadLock already ships with an HWRNG on die. It's been shipping
for years.

Paul

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
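The HWRNG -> SWRNG chain Paul describes, with the hardware failure mode he mentions (a stuck source producing a "nice series of zeros") caught before it reaches the software stage. This is an added example written for this page, not code from the thread, from rngd, or from any of the drivers named above. It assumes the monobit bounds of the FIPS 140-2 continuous tests (20,000-bit block, strictly between 9725 and 10275 one bits), a repetition-count cutoff of 8 identical bytes chosen for the example, a minimal HMAC_DRBG over SHA-256 as the software RNG, and two constructed stand-in sources in place of a real device.

```python
# Added example: hardware source -> health tests -> software DRBG.
# Thresholds: FIPS 140-2 monobit bounds; RCT_CUTOFF is an example value.
import hashlib
import hmac

BLOCK_BYTES = 20000 // 8          # FIPS 140-2 continuous tests use 20,000-bit blocks
MONOBIT_LO, MONOBIT_HI = 9725, 10275
RCT_CUTOFF = 8                    # consecutive identical bytes tolerated (assumption)


def monobit_ok(block: bytes) -> bool:
    """FIPS 140-2 monobit test: the count of one bits must sit near 10,000."""
    if len(block) != BLOCK_BYTES:
        raise ValueError("monobit test needs exactly a 20,000-bit block")
    ones = sum(bin(b).count("1") for b in block)
    return MONOBIT_LO < ones < MONOBIT_HI


def repetition_count_ok(block: bytes, cutoff: int = RCT_CUTOFF) -> bool:
    """Repetition count test (SP 800-90B style): a stuck source repeats one value."""
    run = 1
    for prev, cur in zip(block, block[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return False
    return True


def health_ok(block: bytes) -> bool:
    """Both tests must pass before a block is allowed to seed the DRBG."""
    return monobit_ok(block) and repetition_count_ok(block)


class HmacDrbg:
    """Minimal HMAC_DRBG (SP 800-90A shape) over SHA-256: the software RNG stage."""

    def __init__(self, seed: bytes):
        self.key = b"\x00" * 32
        self.val = b"\x01" * 32
        self._update(seed)

    @staticmethod
    def _mac(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, data: bytes) -> None:
        self.key = self._mac(self.key, self.val + b"\x00" + data)
        self.val = self._mac(self.key, self.val)
        if data:
            self.key = self._mac(self.key, self.val + b"\x01" + data)
            self.val = self._mac(self.key, self.val)

    def reseed(self, seed: bytes) -> None:
        """Mix fresh hardware output into the state (only call with a healthy block)."""
        self._update(seed)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.val = self._mac(self.key, self.val)
            out += self.val
        self._update(b"")               # backtracking resistance after each call
        return out[:n]


def seed_from_hardware(read_hw) -> HmacDrbg:
    """read_hw(n) stands in for the hardware RNG driver; refuse a failed source."""
    block = read_hw(BLOCK_BYTES)
    if not health_ok(block):
        raise RuntimeError("hardware RNG failed health tests; not seeding")
    return HmacDrbg(block)


# Constructed stand-in sources (not real devices).
def stuck_at_zero(n: int) -> bytes:
    """Models the 'series of zeros' failure the reply describes."""
    return b"\x00" * n


def counter_stream(n: int) -> bytes:
    """Deterministic SHA-256 counter stream playing the part of a working HWRNG."""
    out = b""
    i = 0
    while len(out) < n:
        out += hashlib.sha256(b"hwrng-stand-in" + i.to_bytes(4, "big")).digest()
        i += 1
    return out[:n]


if __name__ == "__main__":
    for name, src in [("stuck-at-zero", stuck_at_zero), ("working", counter_stream)]:
        try:
            drbg = seed_from_hardware(src)
            print(name, "seeded; first 16 bytes:", drbg.generate(16).hex())
        except RuntimeError as err:
            print(name, "rejected:", err)
```

The caveat worth keeping in mind, and the reason the software stage is still needed: these tests only detect gross failures. A block of alternating 0x0F/0xF0 bytes has exactly 10,000 one bits and no repeated neighbours, so it passes both checks while carrying no entropy at all. That is what the quoted FIPS remark is getting at: statistical tests can show a hardware source is broken, not that it is good, so the DRBG is seeded from it rather than its raw output being handed to applications.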
