[Cryptography] A TRNG review per day: RDRAND and the right TRNG architecture

Tom Mitchell mitch at niftyegg.com
Fri Oct 24 16:27:38 EDT 2014

On Fri, Oct 24, 2014 at 2:31 AM, Bill Cox <waywardgeek at gmail.com> wrote:

> The "right TRNG architecture" looks like this: ...snip... So, why do we
> need true random data at high speed so badly that Intel decided to build in
> a device requiring large capacitors and its own power regulator?

Interesting... one value of "very fast" is that whitening logic has lots of bits to eliminate any color imposed by external events.

Very fast has value; customers with clout often ask for and get special instructions in the instruction set. One largish site install in Utah might pay for the design feature. They might want vastly more bits for something. Cell phones do not need 64-bit cores with a 32-bit ABI but marketing likes it. So fast also has market value....

At the hardware level I am curious how a large structure like this is shared by multiple cores. Keeping many cores synchronized is almost impossible unless some special Tandem lock step check is turned on. Further, sharing of logic for many cores and hyperthreading with speculative execution puts some of the interesting stuff at arm's length... Time will tell if arm's length is enough (even on an ARM core).

  T o m    M i t c h e l l