[Cryptography] Use of RDRAND in Haskell's TLS RNG?
Henry Baker
hbaker1 at pipeline.com
Wed Nov 23 17:14:59 EST 2016
At 02:23 AM 11/23/2016, Darren Moffat wrote:
>What is a "proper audit" and why do you think that Intel hasn't done that already ? What more find they (or any chip designer/builder) do to convince you?
My guess is that Intel's HW RNG is basically ok, but that their chips have mechanisms to squirrel away (and later disgorge) secrets of various sorts -- e.g., inputs to built-in hash instructions. There might be a HW "reset" capability -- analogous to a password reset function -- that might be used under certain circumstances to reset RDRAND. Good luck finding it amidst billions and billions of transistors, tho.
More information about the cryptography
mailing list