[148485] in cryptography@c2.net mail archive


Re: [Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's

daemon@ATHENA.MIT.EDU (grarpamp)
Tue Dec 17 13:46:06 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <52B002C9.5020604@iang.org>
Date: Tue, 17 Dec 2013 05:01:53 -0500
From: grarpamp <grarpamp@gmail.com>
To: cryptography@metzdowd.com
Cc: cypherpunks@cpunks.org
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

> They want this, if it can be made to work, and they'll try
> it if they don't know.  That's what they said in the goals revelations, and
> I believe them.

This probably can't be mentioned enough. Millions to billions
of gates on a die, lots of room there. Multiplied out to the
millions to billions of computers in service. That's a huge
opportunity no one in their right mind wouldn't try to exploit.
And RNGs are an easy place to do it. An RNG is not a box
you can input a 2+2 test vector into from the outside and get 4
back out. The RNG may even look random, pass diehard, etc.
But if there's a secret seed buried in the RNG somewhere,
you're screwed. And when was the last time anyone ever publicly
decapped and validated a current Intel RNG CPU? <silence>
Sure, mix it in with at least one other source, or shut it down, and
use that. But don't ever use it raw. Embedded RNGs help make
the market for external discrete logic RNG dongles.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
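The argument in the post above, as an added example that is not part of the original message or of any vendor's design: a hypothetical on-die RNG built from SHA-256 in counter mode, keyed by a secret baked into the silicon plus a tiny 16-bit per-boot nonce. Its output passes the NIST-style monobit frequency test, yet whoever knows the secret can recover the nonce from the first 32 output bytes and reproduce every byte that follows. XORing the chip's output with an independent source leaves it statistically random and removes the insider's ability to predict it. The secret, the nonce size, and every function name here are constructed for illustration.

```python
"""Added example, not from the original post.

Models the post's point: an on-die RNG whose output passes a statistical
test can still be fully predictable to whoever planted a secret in the
silicon, and mixing that output with an independent source removes the
predictability even if the chip is hostile.  The baked-in secret, the
16-bit boot nonce and all names are constructed for illustration.
"""
import hashlib
import math
import os

# Constructed secret "buried in the RNG"; the backdoor's author knows it.
VENDOR_SECRET = b"constructed-example-seed-baked-into-silicon"
NONCE_BITS = 16        # tiny per-boot state: easy for the insider to brute-force
BLOCK = 32             # SHA-256 output size in bytes


def _block(secret: bytes, nonce: int, ctr: int) -> bytes:
    """One 32-byte output block of the hypothetical chip."""
    return hashlib.sha256(
        secret + nonce.to_bytes(2, "big") + ctr.to_bytes(8, "big")
    ).digest()


def backdoored_rng(n_bytes: int, boot_nonce: int,
                   secret: bytes = VENDOR_SECRET) -> bytes:
    """Hypothetical hardware RNG: SHA-256 in counter mode keyed by a fixed
    secret plus a 16-bit per-boot nonce.  Statistically it looks uniform,
    but it is a pure function of (secret, nonce, counter)."""
    out = bytearray()
    ctr = 0
    while len(out) < n_bytes:
        out += _block(secret, boot_nonce, ctr)
        ctr += 1
    return bytes(out[:n_bytes])


def monobit_p_value(data: bytes) -> float:
    """Frequency (monobit) test in the style of NIST SP 800-22: the p-value
    that a uniform source would produce this many one bits.  p < 0.01 is
    the usual rejection threshold, so 1% of good streams fail by design."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s = abs(2 * ones - n)
    return math.erfc(s / math.sqrt(2 * n))


def attacker_predict(observed_prefix: bytes, n_bytes: int,
                     secret: bytes = VENDOR_SECRET):
    """The insider sees only the first output block, recovers the boot nonce
    by trying all 2**16 values, and reproduces every byte the chip emits.
    Returns None if the observed bytes are not this chip's raw stream."""
    first = observed_prefix[:BLOCK]
    for nonce in range(1 << NONCE_BITS):
        if _block(secret, nonce, 0) == first:
            return backdoored_rng(n_bytes, nonce, secret)
    return None


def mix(chip_out: bytes, other: bytes) -> bytes:
    """XOR with an independent source.  If `other` is uniform and independent
    of the chip, the result is uniform whatever the chip does.  Production
    pools usually feed both into a hash-based extractor; XOR shows the idea."""
    assert len(chip_out) == len(other)
    return bytes(a ^ b for a, b in zip(chip_out, other))


def demo(n_bytes: int = 4096, boot_nonce: int = 4242) -> dict:
    """Run the four checks the post implies: does raw output look random,
    can the insider predict it, and does mixing change either answer?"""
    raw = backdoored_rng(n_bytes, boot_nonce)
    mixed = mix(raw, os.urandom(n_bytes))       # second source: the OS pool
    return {
        "raw_passes_monobit": monobit_p_value(raw) >= 0.01,
        "raw_predicted_by_insider": attacker_predict(raw[:BLOCK], n_bytes) == raw,
        "mixed_passes_monobit": monobit_p_value(mixed) >= 0.01,
        "mixed_predicted_by_insider": attacker_predict(mixed[:BLOCK], n_bytes) == mixed,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:28s} {result}")
```

The statistical test is the same for the raw and the mixed stream, which is the point: no black-box test run from outside can tell the two apart, only knowledge of what is inside the chip does. Note the monobit check has an inherent 1% false-reject rate, so a single run is a sanity check, not proof of anything.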
