[Cryptography] HSM's
ianG
iang at iang.org
Tue Jan 21 01:26:21 EST 2014
On 21/01/14 02:25 AM, Bill Frantz wrote:

> The RNGs will need to communicate with each other, or with a central
> trusted module to know that the MD of the random contribution has been
> committed by all the RNGs so they can safely release the random
> contribution.

I don't think it is necessary for the RNGs to audit their output. It's
only necessary for the HSMs to audit the results. The RNGs can be dumb.

I thought about that a little. My musing at the time was that you could
avoid it by having a time-broadcast. If the RNGs can deliver say 10k
per second, why not just have them do that?

Each RNG sends out a packet one per cycle. And for committing, each
packet can include the MD of the next packet.

OK, so this sets up a lot of complications for the HSMs that now have to
agree on the time-set of RNG output. Maybe not worth it.
iang
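
The per-cycle commitment described in the message above, sketched as an added example that is not part of the original post or of any existing HSM/RNG product. Assumptions: SHA-256 stands in for the MD, the digest covers the cycle number plus the next packet's random contribution only (so the RNG needs just one packet of lookahead), and the names `Packet`, `DumbRNG` and `HSMAuditor` are hypothetical.

```python
import hashlib
import os
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    seq: int             # cycle number
    contribution: bytes  # random contribution released this cycle
    next_md: bytes       # MD committing to the contribution of cycle seq + 1

def md(seq: int, contribution: bytes) -> bytes:
    # Assumption: SHA-256 over cycle number + contribution, so a committed
    # value cannot be replayed in a different cycle.
    return hashlib.sha256(seq.to_bytes(8, "big") + contribution).digest()

class DumbRNG:
    """Emits one packet per cycle and keeps one contribution of lookahead."""
    def __init__(self, source=os.urandom, size=32):
        self._source, self._size, self._seq = source, size, 0
        self._pending = source(size)  # contribution for cycle 0

    def emit(self) -> Packet:
        current, self._pending = self._pending, self._source(self._size)
        pkt = Packet(self._seq, current, md(self._seq + 1, self._pending))
        self._seq += 1
        return pkt

class HSMAuditor:
    """Checks each packet against the MD received one cycle earlier."""
    def __init__(self):
        self._want_seq = self._want_md = None

    def audit(self, pkt: Packet) -> str:
        if self._want_md is None:
            verdict = "seed"  # nothing committed yet: contribution is unaudited
        elif pkt.seq == self._want_seq and md(pkt.seq, pkt.contribution) == self._want_md:
            verdict = "ok"
        else:
            return "reject"  # gap, replay or changed contribution; state is kept
        self._want_seq, self._want_md = pkt.seq + 1, pkt.next_md
        return verdict

if __name__ == "__main__":
    rng, hsm = DumbRNG(), HSMAuditor()
    for _ in range(3):
        p = rng.emit()
        print(p.seq, hsm.audit(p), p.contribution.hex()[:16])
```

An auditor that misses a cycle rejects every later packet until it is reseeded, which is one concrete form of the agreement problem the message ends on.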