[Cryptography] Random number generation influenced, HW RNG

Perry E. Metzger perry at piermont.com
Wed Sep 11 13:22:11 EDT 2013

On Wed, 11 Sep 2013 09:04:56 +1000 "James A. Donald"
<jamesd at echeque.com> wrote:
> On 2013-09-10 4:30 PM, ianG wrote:
> > The question of whether one could simulate a raw physical source
> > is tantalising.  I see diverse opinions as to whether it is
> > plausible, and thinking about it, I'm on the fence.
> Let us consider that source of colored noise with which we are most 
> familiar:  The human voice.  Efforts to realistically simulate a
> human voice have not been very successful.  The most successful
> approach has been the ransom note approach, merging together a lot
> of small clips of an actual human voice.
> A software simulated raw physical noise source would have to run 
> hundreds of thousands times faster.

I don't think this is true. Typically, the noise sources being used
in hardware RNGs are very simple physical processes like shot noise.
I think simulations of those are vastly simpler than simulations of
human voices. The mechanics of the vocal tract are extremely
complicated, while the equations describing the distribution of shot
noise and the like are dead simple.

That said, I think the obvious defense against this is in any case
hardware teardowns. My fear is that not enough of those happen, but
recent events may convince people that they are necessary.

Perry E. Metzger		perry at piermont.com

More information about the cryptography mailing list