[147175] in cryptography@c2.net mail archive


Re: [Cryptography] Radioactive random numbers

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Tue Sep 17 11:35:42 2013

X-Original-To: cryptography@metzdowd.com
Date: Tue, 17 Sep 2013 11:35:34 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Carl Ellison <cme@panix.com>
In-Reply-To: <CE5DE7DC.A30A%cme@panix.com>
Cc: Tony Arcieri <bascule@gmail.com>,
	Cryptography List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

Added cme@panix.com -- if you want to re-submit this (and maybe not
top post it) I will approve it...

Perry

On Tue, 17 Sep 2013 11:08:43 -0400 Carl Ellison <cme@panix.com> wrote:
> If you can examine your setup and determine all possible memory in
> the device, count that memory in bit-equivalents, and discover that
> the number of bits is small (e.g., <8), then you can apply Maurer's
> test:
> 
> ftp://ftp.inf.ethz.ch/pub/crypto/publications/Maurer92a.pdf
> 
> 
> Of course, if you're concerned that someone has slipped you a CPU
> chip with a PRNG replacing the RNG, you can't detect that without
> ripping the chip apart.
> 
> On 9/12/13 11:00 AM, "Perry E. Metzger" <perry@piermont.com> wrote:
> 
> >On Wed, 11 Sep 2013 17:06:00 -0700 Tony Arcieri <bascule@gmail.com>
> >wrote:
> >> It seems like Intel's approach of using thermal noise is fairly
> >> sound. Is there any reason why it isn't more widely adopted?
> >
> >Actually, I think things like this mostly have been missing
> >because manufacturers didn't understand they were important. Even
> >the Raspberry Pi now has an SoC with a hardware RNG.
> >
> >In addition to getting CPU makers to always include such things,
> >however, a second vital problem is how to gain trust that such RNGs
> >are good -- both that a particular unit isn't subject to a hardware
> >defect and that the design wasn't sabotaged. That's harder to do.
> >
> >Perry
> >-- 
> >Perry E. Metzger		perry@piermont.com
> >_______________________________________________
> >The cryptography mailing list
> >cryptography@metzdowd.com
> >http://www.metzdowd.com/mailman/listinfo/cryptography
> 
> 



-- 
Perry E. Metzger		perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
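Added example, not part of the original thread: a minimal version of the Maurer universal test mentioned above, fixed at 8-bit blocks with the ideal mean and variance taken from NIST SP 800-22. The sample streams, the seed and the function names are constructed for illustration. The stream with stuck bits is flagged, while the output of a deterministic PRNG is not, which is the limitation noted in the quoted message.

```python
import math
import random

L = 8                     # block length in bits (one byte per block)
Q = 10 * 2 ** L           # initialization blocks, the usual 10 * 2^L minimum
EXPECTED_L8 = 7.1836656   # ideal mean of the statistic for L = 8
VARIANCE_L8 = 3.238       # ideal per-block variance for L = 8


def maurer_statistic(data):
    """Return (f_n, z): mean log2 distance between repeats of each byte
    value, and its deviation from the ideal mean in standard deviations."""
    k = len(data) - Q
    if k < 1000 * 2 ** L:
        raise ValueError("need at least Q + 1000 * 2^L bytes")
    last_seen = [0] * (2 ** L)
    for n in range(1, Q + 1):              # fill the table, no scoring yet
        last_seen[data[n - 1]] = n
    total = 0.0
    for n in range(Q + 1, Q + k + 1):      # score the remaining k blocks
        b = data[n - 1]
        total += math.log2(n - last_seen[b])
        last_seen[b] = n
    f_n = total / k
    # Finite-sample correction factor as used in NIST SP 800-22.
    c = 0.7 - 0.8 / L + (4 + 32 / L) * k ** (-3 / L) / 15
    sigma = c * math.sqrt(VARIANCE_L8 / k)
    return f_n, (f_n - EXPECTED_L8) / sigma


def sample_streams(n=300_000, seed=2013):
    """Constructed inputs: a seeded Mersenne Twister stream (a PRNG, not a
    hardware source) and the same stream with its top two bits stuck at 0."""
    rng = random.Random(seed)
    prng = bytes(rng.getrandbits(8) for _ in range(n))
    stuck = bytes(b & 0x3F for b in prng)
    return prng, stuck


if __name__ == "__main__":
    for name, stream in zip(("prng", "stuck bits"), sample_streams()):
        f_n, z = maurer_statistic(stream)
        print(f"{name:10s} f_n={f_n:.4f} z={z:+.1f}")
```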
