On Fri, Apr 18, 2014 at 05:05:37PM -0400, Thor Lancelot Simon wrote: > On Fri, Apr 18, 2014 at 05:00:50PM -0400, Thor Lancelot Simon wrote: > > > > Unfortunately, the virtual machines on this laptop that I use for most > > NetBSD development don't expose the AES-NI instructions to guests, even > > when doing hardware assisted virtualization. Not RDRAND neither, for > > So, since I already brought it up: why not use a hardware RNG, like RDRAND, > for this purpose?
Because the manufactor doesn't make it possible verify the correctness of the implementation by exposing the *raw* data. Intel has shown that they can mess up in the past... Joerg