At 12:25 PM -0400 8/11/99, Theodore Y. Ts'o wrote:
>   Date: Tue, 10 Aug 1999 11:05:44 -0400
>   From: "Arnold G. Reinhold" <[EMAIL PROTECTED]>
>
>   A hardware RNG can also be added at the board level. This takes
>   careful engineering, but is not that expensive. The review of the
>   Pentium III RNG on www.cryptography.com seems to imply that Intel is
>   only claiming patent protection on its whitening circuit, which is
>   superfluous, if not harmful. If so, their RNG design could be copied.
>
>I've always thought there was a major opportunity for someone to come up
>with an ISA (or perhaps even a PCI) board which had one or more circuits
>(you want more than one for redundancy) that contained a noise diode
>hooked up to a digitizing circuit.  As long as the hardware interface
>was open, all of the hard parts of a hardware RNG, could be done in
>software.

This thread started over concerns about diskless nodes that want to 
run IPsec.  Worst case, these boxes would not have any slots or other 
expansion capability. The only source of entropy would be network 
transactions, which makes me nervous. That is why I feel we should 
pressure manufacturers of such boards to include hardware RNG 
capability in one form or another.

Generic PC's these days come with audio input or can have a sound 
card added easily. Open software that would characterize, monitor and 
whiten the output of an analog noise source connected to the audio-in 
port would meet a lot of needs.

Arnold Reinhold

Reply via email to