Steven M. Bellovin wrote:
> 
> In message <[EMAIL PROTECTED]>, Ben Laurie writes:
> >Steve Bellovin wrote:
> >>
> >> Intel has announced a number of interesting things at the RSA conference.
> >> The most important, to me, is the inclusion of a hardware random number
> >> generator (based on thermal noise) in the Pentium III instruction set.
> >> They also announced hardware support for IPSEC.
> >
> >An interesting question (for me, at least) is: how will I know that the
> >hardware RNG is really producing stuff based on thermal noise, and not,
> >say, on the serial number, some secret known to Intel, and a PRNG?
> 
> That's a very good question, especially since Pentium III's will also have
> per-CPU serial numbers...
> 
> Seriously, you're already trusting your vendors.  Intel did say that the
> hard part of the problem was verifying the output of the RNG; beyond that,
> the driver runs SHA-1 on the output to further randomize the bits used.

What driver? If this driver is in hardware, then this sounds like a
great way to excuse the presence of a PRNG in the "hardware" RNG... if
it's in software, why would I want to use it, given that I'm going to
want to do my own whitening after, anyway?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi
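
The question raised in this thread, worked as an added example (not part of the original messages and not Intel's driver): once output passes through SHA-1, simple statistical tests cannot tell a noise source from a deterministic stream built from a serial number and a secret. `SERIAL`, `SECRET`, the function names and the test thresholds are constructed for illustration.

```python
import hashlib

# Constructed sample values: stand-ins for a per-CPU serial and a vendor secret.
SERIAL = b"CPU-0000-EXAMPLE"
SECRET = b"constructed-vendor-secret"

def raw_counter(nbytes: int) -> bytes:
    """Unwhitened deterministic stream: serial followed by an 8-byte counter."""
    out, counter = bytearray(), 0
    while len(out) < nbytes:
        out += SERIAL + counter.to_bytes(8, "big")
        counter += 1
    return bytes(out[:nbytes])

def whitened_prng(serial: bytes, secret: bytes, nbytes: int) -> bytes:
    """Same kind of stream, but each block is SHA-1(serial || secret || counter).
    It contains no entropy: anyone holding serial and secret can regenerate it."""
    out, counter = bytearray(), 0
    while len(out) < nbytes:
        out += hashlib.sha1(serial + secret + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:nbytes])

def monobit_fraction(data: bytes) -> float:
    """Fraction of one-bits; about 0.5 for uniform data."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))

def chi_square_bytes(data: bytes) -> float:
    """Chi-square statistic over byte values (255 degrees of freedom, mean ~255)."""
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    expected = len(data) / 256
    return sum((c - expected) ** 2 / expected for c in counts)

def looks_random(data: bytes) -> bool:
    """Black-box check of the kind an end user could run on RNG output."""
    return (abs(monobit_fraction(data) - 0.5) < 0.01
            and 130 < chi_square_bytes(data) < 400)

if __name__ == "__main__":
    for name, stream in (("raw counter", raw_counter(65536)),
                         ("SHA-1 whitened", whitened_prng(SERIAL, SECRET, 65536))):
        print(f"{name:15s} monobit={monobit_fraction(stream):.4f} "
              f"chi2={chi_square_bytes(stream):8.1f} passes={looks_random(stream)}")
```

Passing these tests shows only that the whitening step works; it says nothing about whether the input to SHA-1 came from thermal noise.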
