Intel to also add RNG

Thor Lancelot Simon tls at rek.tjls.com
Wed Jul 14 03:35:29 EDT 2010


On Tue, Jul 13, 2010 at 05:46:36PM +1200, Peter Gutmann wrote:
> Paul Wouters <paul at xelerance.com> writes:
> 
> >Which is what you should do anyway, in case of a hardware failure.  I
> >know the Linux intel-rng and amd-rng used to produce nice series of zeros.
> 
> Do you have any more details on this?  Was it a hardware problem, software
> problem, ...?  How was it caught?

I couldn't say, as regards AMD's chipset RNG.  Intel's, however, was on
an optional component of one of their motherboard chipsets.  Many
motherboard vendors chose to buy that component from other sources, who
implemented something register-compatible to the Intel part but with
the RNG register not actually connected to a random number source.

Worse, when Intel increased chipset integration and pulled the optional
chip "into" one of the host bridge chips, they did the exact same thing.

The basic problem was that the register indicating presence-of-RNG was
not on the same piece of silicon (originally) as the actual RNG.  So the
register really indicated only that this Intel chipset *was capable of
interfacing to the chip with the RNG on it*; nothing more.

Worse, a lot of people read noise -- but not really random noise --
from those notional RNG registers and persuaded themselves that since
the output wasn't continuous, there must really be an RNG present.
Oops.

Thor

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
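The failure mode Thor describes above (a presence register that only says the chipset could talk to an RNG, and a register whose "noise" is not continuous yet carries almost no entropy) is what continuous health tests on the raw output exist to catch. As an added example, not part of the original post and not code from any chipset driver, here is a C sketch of two tests in the style of NIST SP 800-90B section 4.4, the Repetition Count Test and the Adaptive Proportion Test, run over three constructed byte streams: a dead register that reads as zeros, a register that twitches between two values, and a deterministic xorshift PRNG standing in for a working noise source. The cutoffs (20 repeats, and 13 hits in a 512-sample window) are assumptions chosen for an 8-bit full-entropy source at roughly a 2^-20 false-alarm rate; they are not figures from the post.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed cutoffs for 8-bit samples; tune them to the entropy you
 * actually claim for the source. */
#define RCT_CUTOFF 20   /* this many identical consecutive samples => fail */
#define APT_WINDOW 512
#define APT_CUTOFF 13   /* first sample of a window seen this often => fail */
#define SAMPLE_LEN 4096

enum health { HEALTH_OK = 0, HEALTH_RCT_FAIL = 1, HEALTH_APT_FAIL = 2 };

/* Repetition Count Test: catches a source stuck on one value, such as a
 * register with nothing behind it that always reads as zero. */
static bool rct_pass(const uint8_t *buf, size_t n)
{
    size_t run = 0;
    uint8_t last = 0;
    for (size_t i = 0; i < n; i++) {
        if (i > 0 && buf[i] == last) {
            if (++run >= RCT_CUTOFF)
                return false;
        } else {
            last = buf[i];
            run = 1;
        }
    }
    return true;
}

/* Adaptive Proportion Test: catches a source whose output changes, so it
 * is not "continuous", but is dominated by a handful of values. */
static bool apt_pass(const uint8_t *buf, size_t n)
{
    for (size_t start = 0; start + APT_WINDOW <= n; start += APT_WINDOW) {
        uint8_t probe = buf[start];
        size_t count = 0;
        for (size_t i = start; i < start + APT_WINDOW; i++)
            if (buf[i] == probe)
                count++;
        if (count >= APT_CUTOFF)
            return false;
    }
    return true;
}

/* Verdict on a buffer of raw samples; a driver would refuse to feed the
 * entropy pool from a source that fails either test. */
enum health check_rng_output(const uint8_t *buf, size_t n)
{
    if (!rct_pass(buf, n))
        return HEALTH_RCT_FAIL;
    if (!apt_pass(buf, n))
        return HEALTH_APT_FAIL;
    return HEALTH_OK;
}

/* Constructed stand-in: register-compatible part with no noise source. */
void fill_dead_register(uint8_t *buf, size_t n)
{
    memset(buf, 0, n);
}

/* Constructed stand-in: a register that twitches between two values, so
 * the output is not continuous, but there is almost no entropy in it. */
void fill_twitchy_register(uint8_t *buf, size_t n)
{
    for (size_t i = 0; i < n; i++)
        buf[i] = (uint8_t)(0x3A + (i % 3 == 0));
}

/* Constructed stand-in for a working noise source. xorshift64 is a
 * deterministic PRNG used only so the example runs offline; it is not a
 * hardware RNG and must not be used as one. */
void fill_pseudo_noise(uint8_t *buf, size_t n)
{
    uint64_t x = 0x9E3779B97F4A7C15ULL;
    for (size_t i = 0; i < n; i++) {
        x ^= x << 13;
        x ^= x >> 7;
        x ^= x << 17;
        buf[i] = (uint8_t)(x >> 56);
    }
}

/* Fill a buffer from one constructed source and return its verdict. */
enum health run_source(void (*fill)(uint8_t *, size_t))
{
    static uint8_t buf[SAMPLE_LEN];
    fill(buf, SAMPLE_LEN);
    return check_rng_output(buf, SAMPLE_LEN);
}

int main(void)
{
    static const char *names[] = { "ok", "RCT fail", "APT fail" };
    printf("dead register:    %s\n", names[run_source(fill_dead_register)]);
    printf("twitchy register: %s\n", names[run_source(fill_twitchy_register)]);
    printf("pseudo noise:     %s\n", names[run_source(fill_pseudo_noise)]);
    return 0;
}
```

The twitchy source is the interesting one: it passes the repetition test precisely because its output keeps changing, which is the trap the post describes, and only the proportion test exposes it. Neither test proves a source is good; they only refuse the obviously broken ones, which is the minimum a driver should do before trusting a presence bit.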
