On 6/01/2012 10:57 PM, Invisible wrote:
> http://software.intel.com/file/37157

Neat.

I wonder what generation of processors will gain this facility?  It 
won't be generally useful until it becomes widespread and even then what 
is the fallback when software detects that it is not running on a 
processor with the facility?  Use less secure PRNG and seeds as now?

Probably will be appear in crypto devices and gaming machines (i.e. 
poker machines etc.) where the enabled processor is specified rather 
than in general use.  Even there, in things like poker machines the 
vendor has to be able to prove that the RNG is compliant with whatever 
rules a jurisdiction sets.  True randomness may strangely not be 
acceptable but I'm not sure.

It reminds me of the Integrated Cryptographic Facility available on IBM 
S/390 mainframes circa 1990 (?).  It was a separate processor module 
that offloaded crypto functions from the CPU.  From memory they 
supported highly tamper proof key storage and hardware implementation of 
DES, Triple DES etc. but not a hardware entropy source.

I saw an early hardware RNG device that relied on thermal noise.  It was 
about the size of a microwave oven.  Most of it was I think to ensure 
that the noise source was kept in a very narrow temperature range so 
that physical randomness was never biased.  One of these was hooked up 
to the Internet and you could get the random stream.  Sort of defeats 
many of the possible uses of randomness when everybody can see the same 
stream.  But for simulations and testing algorithms it was useful I guess.

Post a reply to this message