[148540] in cryptography@c2.net mail archive
Re: [Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's
daemon@ATHENA.MIT.EDU (James A. Donald)
Fri Dec 20 11:51:02 2013
X-Original-To: cryptography@metzdowd.com
Date: Fri, 20 Dec 2013 18:09:19 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <52B3297A.2020207@iang.org>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
If you use RDRAND, your random numbers are secure against everyone
except the five eyes.
If you mix RDRAND with a large random number set at install time, plus
the time, you are probably secure against the five eyes as well.
If any one adversary lacks access to every one of your sources of
randomness, your randoms are good against that adversary.
So, consider: Powerful adversaries, Nigerian adversaries, far
adversaries, near adversaries. A source of randomness only has to be
good against one of them to be useful.
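The layered-sources argument above, as an added example that is not James A. Donald's code or anything from the thread: a hash-based mix of RDRAND output, an install-time secret and the time, plus a small enumeration showing that an adversary who knows every source except the install-time secret still faces the full secret space. os.urandom stands in for RDRAND, and all function names and sample values are assumptions.

```python
import hashlib
import os
import struct
import time


def mix_sources(label: bytes, sources: list[bytes]) -> bytes:
    """Combine several entropy sources into one 32-byte seed.

    Each source is length-prefixed so boundaries between sources are
    unambiguous, and the label gives domain separation. Modelling SHA-256
    as a random oracle, the seed is unpredictable unless every input is
    known, which is the property the post relies on.
    """
    h = hashlib.sha256()
    h.update(struct.pack(">I", len(label)) + label)
    for src in sources:
        h.update(struct.pack(">I", len(src)) + src)
    return h.digest()


def seed_from_rdrand_install_and_time(rdrand: bytes, install_secret: bytes,
                                      now_ns: int) -> bytes:
    """The mix the post describes: RDRAND output, a large random value
    stored at install time, and the current time. Inputs are parameters
    so the function can be exercised with constructed values."""
    return mix_sources(b"seed-v1",
                       [rdrand, install_secret, struct.pack(">Q", now_ns)])


def distinct_seeds_when_only_secret_unknown(rdrand: bytes, now_ns: int,
                                            secret_bits: int) -> int:
    """Simulate an adversary who knows the RDRAND output and the time but
    not the install-time secret. Enumerate a deliberately tiny constructed
    secret space and count distinct seeds: no collapse means the adversary
    still has to search the whole secret space."""
    seen = set()
    for s in range(1 << secret_bits):
        secret = s.to_bytes(4, "big")
        seen.add(seed_from_rdrand_install_and_time(rdrand, secret, now_ns))
    return len(seen)


if __name__ == "__main__":
    # os.urandom stands in for RDRAND (assumption); the secret is constructed.
    rdrand_sample = os.urandom(32)
    install_secret = os.urandom(64)
    seed = seed_from_rdrand_install_and_time(rdrand_sample, install_secret,
                                             time.time_ns())
    print(seed.hex())
    print(distinct_seeds_when_only_secret_unknown(rdrand_sample, 0, 12))
```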