[4061] in cryptography@c2.net mail archive


Re: Intel announcements at RSA '99

daemon@ATHENA.MIT.EDU (Dan Geer)
Mon Jan 25 12:55:31 1999

To: Ben Laurie <ben@algroup.co.uk>
Cc: cryptography@c2.net
In-Reply-To: Your message of "Wed, 20 Jan 1999 20:56:35 EST."
             <36A64303.59B60F0B@algroup.co.uk> 
Date: Mon, 25 Jan 1999 12:21:40 -0500
From: Dan Geer <geer@world.std.com>


[I let this through because it makes a new point. Don't assume I'll
let other posts go through if they are "me too!", though -- we've
beaten the RNG topic to death. --Perry]

    > Intel has announced a number of interesting things at the RSA conference.
    > The most important, to me, is the inclusion of a hardware random number
    > generator (based on thermal noise) in the Pentium III instruction set.
    > They also announced hardware support for IPSEC.
    
    An interesting question (for me, at least) is: how will I know that the
    hardware RNG is really producing stuff based on thermal noise, and not,
    say, on the serial number, some secret known to Intel, and a PRNG?

You don't.  More to the point, there is no way
to test a random number generator within the 
small (and shrinking) automated test time that is
part of the production line.  The falsifiable
hypothesis for a multiplier, say, is that it 
gets the right answer.  The falsifiable hypothesis
for a RNG is a long slog through volumes of output.
All the production line can say is "turns out a
stream of bits that ain't all ones or zeroes."
I'd imagine that failed devices will be common 
enough to be an intellectual curiosity, at least.

--dan

============================================================
"Conspiracy theories are irresistible labor-saving devices
in the face of complexity." -- Henry Louis Gates
============================================================
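Dan's point that a production-line check can only rule out gross failures, as an added example that is not part of the original thread: two quick statistical checks in the style of the NIST SP 800-22 suite (a monobit frequency test and a runs test) reject stuck-at and alternating outputs, yet cannot tell thermal noise from a deterministic PRNG keyed by a chip serial number. The `prng_from_serial` generator, the serial value and the function names are hypothetical constructions for this illustration.

```python
import hashlib
import math


def bits_from_bytes(data: bytes) -> list[int]:
    """Expand a byte string into a list of 0/1 values, MSB first."""
    return [(b >> (7 - i)) & 1 for b in data for i in range(8)]


def prng_from_serial(serial: bytes, nbytes: int) -> bytes:
    """Hypothetical 'cheating' generator: SHA-256 in counter mode keyed by a serial number.
    Its output is fully determined by the serial, yet looks statistically random."""
    out = bytearray()
    ctr = 0
    while len(out) < nbytes:
        out += hashlib.sha256(serial + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(out[:nbytes])


def monobit_p(bits: list[int]) -> float:
    """Frequency test: is the count of ones consistent with a fair coin?"""
    n = len(bits)
    s = 2 * sum(bits) - n                      # +1 for each one, -1 for each zero
    return math.erfc(abs(s) / math.sqrt(n) / math.sqrt(2))


def runs_p(bits: list[int]) -> float:
    """Runs test: is the number of maximal runs what an i.i.d. source would give?"""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2 / math.sqrt(n):     # precondition from the test definition
        return 0.0
    v = 1 + sum(1 for i in range(n - 1) if bits[i] != bits[i + 1])
    num = abs(v - 2 * n * pi * (1 - pi))
    den = 2 * math.sqrt(2 * n) * pi * (1 - pi)
    return math.erfc(num / den)


def production_line_check(data: bytes, alpha: float = 0.01) -> dict:
    """The kind of fast screen a test station could afford: stuck-output detection
    plus two cheap statistics. Passing says nothing about the physical entropy source."""
    bits = bits_from_bytes(data)
    ones = sum(bits)
    stuck = ones == 0 or ones == len(bits)     # "all ones or zeroes"
    mono = 0.0 if stuck else monobit_p(bits)
    runs = 0.0 if stuck else runs_p(bits)
    return {"stuck": stuck, "monobit_p": mono, "runs_p": runs,
            "passes": (not stuck) and mono >= alpha and runs >= alpha}
```

Run over 64 KiB of the serial-keyed stream, the check passes just as it would for a genuine noise source, which is exactly why the screen cannot answer Ben's question.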