Intel to also add RNG

Sandy Harris sandyinchina at gmail.com
Sat Jul 24 20:34:45 EDT 2010


On 7/13/10, Perry E. Metzger <perry at piermont.com> wrote:

> It is disturbing to me that people oppose this so much.

Yes. A hardware RNG seems an obvious Good Thing. Not
a complete solution, but a very useful component.

>  For a lot of applications -- servers run in isolation, networking
>  equipment, etc. -- having hardware RNGs available is a really big win,
>  because there is no good local source of randomness. (We had a long
>  discussion of ways to mitigate this some time ago.) Plugging in an
>  external unit is not going to happen in practice. If it isn't nearly
>  free and built in, it won't be used.

IPsec gateways and web servers doing a lot of SSL are obvious
cases. Neither has much mouse or keyboard activity, and they may
have solid-state drives or smart RAID, so disk timings are not
random. Packet timings might be somewhat random, but they
may also be knowable by an enemy.

>  I would suggest that in most cases, you are better off with a very
>  very mildly untrusted but ubiquitous hardware RNG than with the kinds
>  of kludges to get random numbers on unattended hardware we end up with
>  in the real world.

In some cases, a non-kludge alternative is Turbid:
http://www.av8n.com/turbid/paper/turbid.htm
That uses a sound card or on-board equivalent. Some boards
will have this, or it is cheap & easy to stick in a slot.
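The usual way to make a "mildly untrusted" hardware RNG a useful component rather than a single point of failure is to run a continuous health test on it and to mix its output with the other sources through a cryptographic hash, so a stuck or weak source cannot lower the pool below what the remaining sources provide. The following is an added illustration and not code from the thread or from any of the products mentioned; the source names (`disk`, `net`, `hwrng`), the sample values and the SHA-256 mixing construction are assumptions, and the repetition-count test only follows the shape of the SP 800-90B test rather than reproducing it exactly.

```python
"""Entropy-pool mixing with a health-checked hardware RNG (added example)."""
import hashlib
import math


def rct_cutoff(h_bits_per_sample, alpha_log2=20):
    """Repetition-count cutoff in the spirit of SP 800-90B section 4.4.1:
    C = 1 + ceil(-log2(alpha) / H), with alpha = 2**-alpha_log2.
    A run of C identical samples is treated as a stuck source."""
    return 1 + math.ceil(alpha_log2 / h_bits_per_sample)


def repetition_count_failed(samples, cutoff):
    """Return True if any value repeats `cutoff` or more times in a row.
    `samples` is a bytes object; each byte is one raw HWRNG sample."""
    run = 1
    for prev, cur in zip(samples, samples[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return True
    return False


def mix_sources(sources):
    """Condition a list of (label, bytes) samples into a 32-byte seed.
    Labels and samples are length-prefixed so that two different
    source layouts can never hash to the same input."""
    h = hashlib.sha256()
    for label, sample in sources:
        lb = label.encode()
        h.update(len(lb).to_bytes(4, "big") + lb)
        h.update(len(sample).to_bytes(4, "big") + sample)
    return h.digest()


def derive_seed(hwrng_samples, other_sources, h_bits_per_sample=8):
    """Mix the HWRNG output into the pool along with the other sources.

    Returns (seed, hwrng_credited). The HWRNG is always mixed in (it can
    only add to what the hash sees), but its entropy is credited only when
    the health test passes; a failing test is the signal an operator should
    log and alert on, since the other sources then carry the whole load."""
    credited = not repetition_count_failed(
        hwrng_samples, rct_cutoff(h_bits_per_sample))
    seed = mix_sources(list(other_sources) + [("hwrng", hwrng_samples)])
    return seed, credited


if __name__ == "__main__":
    # Constructed sample inputs, not measurements from any real machine.
    known_sources = [("disk", b"\x10\x20\x10\x20"), ("net", b"\x00\x01\x02")]
    healthy_hwrng = bytes(range(16))   # 16 distinct bytes, passes the test
    stuck_hwrng = b"\x00" * 16         # stuck-at-zero device, fails the test
    for name, hw in (("healthy", healthy_hwrng), ("stuck", stuck_hwrng)):
        seed, credited = derive_seed(hw, known_sources)
        print(f"{name:8s} credited={credited} seed={seed.hex()[:16]}...")
```

With byte-wide samples the cutoff works out to 4, so the stuck device is flagged after four identical bytes while the healthy one is credited. Both cases still produce a seed that depends on every source, which is the property that makes the hardware RNG "not a complete solution, but a very useful component".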

---------------------------------------------------------------------
The Cryptography Mailing List