Chris Zimman wrote:
>
> > There have been a number of third-party evaluations of the hardware RNG in
> > the new Pentium chip. So far it's gotten a clean bill of health. Of course,
> > since the Micro$oft CryptoAPI has to be invoked to get to it, I don't
> > feel like trusting it any further than just _initializing_ the RNG at
> > this point.
>
> If this is the thermo-resistive generator that Intel has been putting on
> their other chips, it's quite decent from what I understand. Bob Baldwin
> of Plus Five gave a talk on hardware RNGs at RSA 2000 and seemed generally
> confident in the capabilities of these generators. I'd guess Intel has to
> have some sort of spec for the generator function and/or parameters.
>
> Considering what most people are using for their RNGs, I'd have a hard
> time believing this is anywhere near as bad.

The RNG is not in the processor, but part of the 810 chipset. An evaluation
can be had here:

http://www.cryptography.com/intelRNG.pdf

While this was done as work for Intel, Paul Kocher's integrity is above
reproach. The device itself is generally adequate.

The main limitation is the bitrate, which would be insufficient for
a busy server which has to generate a lot of key material or padding --
in which case the Hardware RNG can be used to periodically seed a good
software RNG (e.g. Yarrow).
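
The periodic-reseed arrangement described in the message above, as an added example that is not part of the original post or of OpenSSL. It uses an HMAC-SHA256 generator with HMAC_DRBG-style update steps rather than Yarrow itself; `ReseedingGenerator`, `slow_source` and `interval` are hypothetical names, and `os.urandom` only stands in for the chipset RNG.

```python
import hashlib
import hmac
import os

class ReseedingGenerator:
    """HMAC-SHA256 generator that touches the slow entropy source only at
    start-up and once per `interval` bytes of output (assumed design)."""

    SEED_LEN = 32  # bytes drawn from the slow source per (re)seed

    def __init__(self, slow_source=os.urandom, interval=64 * 1024):
        self.slow_source = slow_source  # stand-in for the hardware RNG
        self.interval = interval        # output bytes allowed between reseeds
        self.drawn = 0                  # total bytes taken from the slow source
        self.key = b"\x00" * 32
        self.value = b"\x01" * 32
        self.reseed()

    def _mac(self, data):
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, data=b""):
        # Mix `data` into the state. With no data this only steps the state
        # forward, so earlier output cannot be recomputed from the new state.
        self.key = self._mac(self.value + b"\x00" + data)
        self.value = self._mac(self.value)
        if data:
            self.key = self._mac(self.value + b"\x01" + data)
            self.value = self._mac(self.value)

    def reseed(self):
        seed = self.slow_source(self.SEED_LEN)
        if len(seed) != self.SEED_LEN:
            raise RuntimeError("entropy source returned a short read")
        self.drawn += len(seed)
        self._update(seed)
        self.since_reseed = 0

    def read(self, n):
        out = bytearray()
        while len(out) < n:
            if self.since_reseed >= self.interval:
                self.reseed()  # the only point where the slow source is used
            chunk = min(n - len(out), self.interval - self.since_reseed)
            produced = bytearray()
            while len(produced) < chunk:
                self.value = self._mac(self.value)
                produced += self.value
            out += produced[:chunk]
            self.since_reseed += chunk
            self._update()
        return bytes(out)
```

With the default 64 KiB interval, one megabyte of output costs the slow source 32 bytes at start-up plus 32 bytes per reseed, so its bitrate no longer bounds the server's output rate.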