[4044] in cryptography@c2.net mail archive
Re: Intel announcements at RSA '99
daemon@ATHENA.MIT.EDU (Michael Motyka)
Fri Jan 22 12:32:14 1999
Date: Fri, 22 Jan 1999 09:26:27 -0800
From: Michael Motyka <mmotyka@lsil.com>
Reply-To: mmotyka@lsil.com
To: Eric Murray <ericm@lne.com>
Cc: cryptography@c2.net
Eric Murray wrote:
>
> Since PRNGs cycle, with enough output you could tell if a given
> chip is using a PRNG[1].
>
> 1. assuming that the RNG produces output fast enough since good PRNGs
> have long cycles. You wouldn't have to store all the output, just
> the beginning X bytes to detect the start of the next cycle.
>
A 64 bit LFSR using a primitive polynomial and producing bits at 400 MHz
would still take >1400 years to make one lap...registers are cheap and
small, forget about storing and testing against "just the beginning X
bytes". Unless of course the designer >intends< it to turn laps quickly.
