[4025] in cryptography@c2.net mail archive
Re: Intel announcements at RSA '99
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Wed Jan 20 23:16:41 1999
To: Ben Laurie <ben@algroup.co.uk>
Cc: cryptography@c2.net
Date: Wed, 20 Jan 1999 16:19:11 -0800
From: "Steven M. Bellovin" <smb@research.att.com>

In message <36A64303.59B60F0B@algroup.co.uk>, Ben Laurie writes:
>Steve Bellovin wrote:
>>
>> Intel has announced a number of interesting things at the RSA conference.
>> The most important, to me, is the inclusion of a hardware random number
>> generator (based on thermal noise) in the Pentium III instruction set.
>> They also announced hardware support for IPSEC.
>
>An interesting question (for me, at least) is: how will I know that the
>hardware RNG is really producing stuff based on thermal noise, and not,
>say, on the serial number, some secret known to Intel, and a PRNG?

That's a very good question, especially since Pentium III's will also have
per-CPU serial numbers...

Seriously, you're already trusting your vendors. Intel did say that the
hard part of the problem was verifying the output of the RNG; beyond that,
the driver runs SHA-1 on the output to further randomize the bits used.
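
Added example, not part of the original message and not Intel's driver code: a sketch of why the question above cannot be settled by testing the RNG's output from outside. It assumes the driver hashes 64-byte chunks with SHA-1 (the message gives no such detail); the source functions, SERIAL and SECRET are constructed stand-ins.

```python
import hashlib, math, os

def monobit_p(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test p-value; near 0 means biased."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    return math.erfc(abs(2 * ones - n) / math.sqrt(2 * n))

def whiten(raw: bytes) -> bytes:
    """Assumed driver step: SHA-1 over each 64-byte chunk of raw output."""
    return b"".join(hashlib.sha1(raw[i:i + 64]).digest()
                    for i in range(0, len(raw), 64))

def noise_source(n: int) -> bytes:
    """Stand-in for a real thermal-noise source (OS entropy pool)."""
    return os.urandom(n)

def counter_source(n: int) -> bytes:
    """Obviously non-random 'hardware': a 32-bit counter, no entropy at all."""
    return b"".join(i.to_bytes(4, "big") for i in range(n // 4))

def keyed_prng_source(n: int, serial: bytes, secret: bytes) -> bytes:
    """The scenario from the question: serial number + vendor secret + PRNG."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha1(serial + secret + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

# Constructed values, for illustration only.
SERIAL, SECRET = b"constructed-serial-0001", b"constructed-vendor-secret"

def report(n: int = 65536) -> dict:
    """Monobit p-values as seen by someone with only black-box access."""
    keyed = keyed_prng_source(n, SERIAL, SECRET)
    return {
        "noise, raw": monobit_p(noise_source(n)),
        "noise, SHA-1": monobit_p(whiten(noise_source(n))),
        "counter, raw": monobit_p(counter_source(n)),
        "counter, SHA-1": monobit_p(whiten(counter_source(n))),
        "keyed PRNG, raw": monobit_p(keyed),
        "keyed PRNG, SHA-1": monobit_p(whiten(keyed)),
    }

if __name__ == "__main__":
    for name, p in report().items():
        print(f"{name:18s} p={p:.4f} {'pass' if p >= 0.01 else 'FAIL'}")
```

Only the raw counter fails; once SHA-1 is applied, even the counter looks as good as the noise source, and the keyed PRNG passes both before and after hashing while remaining fully reproducible by anyone holding the serial number and secret. Any meaningful check has to be made on the raw source and its design, not on the whitened stream.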