[Cryptech Tech] Alpha board main CPU change
Jacob
jacob at edamaker.com
Sat May 30 17:06:25 UTC 2015
>>>
>>> We could use the TRNG in the M4 as an entropy source to feed the TRNG
>>> inside the FPGA (basically a FIFO into which SW could write words
>>> consumed during entropy mixing). But replacing the TRNG, no.
>>>
> Sure, not as a sole actor, but what about as an additional source, mixed in
> with the others? I'm not sure what the latest views on this are - if an
> attacker could predict all of the output of the M4 TRNG do they have any
> advantage over a design that just doesn't mix this in?
From what I gather, it depends on the mixing method you use. If it is a
good mixer, and you force an output failure from the RNG if any of the
fully trusted entropy sources becomes unavailable (noting the Android
Bitcoin address generation fiasco a few days ago), then it is beneficial
to mix in even semi-questionable sources.
See for example the heated debate between Linux maintainer Theodore Ts'o
and Intel RDRAND designer David Johnston at
https://plus.google.com/+TheodoreTso/posts/SDcoemc9V3J
Jacob
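An added example, not code from this thread or from the Cryptech project, of the policy described in the reply above: a hash-based mixer that absorbs contributions from several entropy sources, and fails closed (refuses to produce output) whenever a fully trusted source has not contributed since the last extraction. Source names ("fpga_trng" as the trusted source, "m4_trng" as the semi-trusted one), the SHA-256/HMAC construction and the sample noise bytes are assumptions made for the demonstration, not the Cryptech design. Because each contribution is absorbed by hashing it into the running state, the output depends on every input, so knowing one source's data alone gives no shortcut to the state.

```python
import hashlib
import hmac


class EntropySourceUnavailable(RuntimeError):
    """Raised when a fully trusted source has not contributed since the last extraction."""


class EntropyMixer:
    """Hash-based entropy mixer with a fail-closed policy for trusted sources.

    Each contribution is absorbed as state = H(state || tag || len || data), so
    the state depends on all contributions made so far.  Output is derived from
    the state with HMAC and the state is ratcheted afterwards.
    """

    def __init__(self, trusted, untrusted=()):
        self.trusted = frozenset(trusted)      # sources that must be present for output
        self.untrusted = frozenset(untrusted)  # sources mixed in but never relied upon
        self._state = hashlib.sha256(b"entropy-mixer-init").digest()
        self._seen = set()      # sources that contributed since the last extraction
        self._counter = 0

    def feed(self, source, data):
        """Absorb raw bytes from a named source into the pool state."""
        if source not in self.trusted and source not in self.untrusted:
            raise ValueError(f"unknown entropy source {source!r}")
        h = hashlib.sha256()
        h.update(self._state)
        h.update(source.encode() + b"\x00")        # domain tag keeps sources distinct
        h.update(len(data).to_bytes(4, "big"))     # length prefix prevents boundary ambiguity
        h.update(data)
        self._state = h.digest()
        self._seen.add(source)

    def extract(self, nbytes):
        """Return nbytes of output, or fail closed if a trusted source is missing."""
        missing = self.trusted - self._seen
        if missing:
            raise EntropySourceUnavailable(f"trusted sources missing: {sorted(missing)}")
        out = b""
        while len(out) < nbytes:
            self._counter += 1
            out += hmac.new(self._state, self._counter.to_bytes(8, "big"),
                            hashlib.sha256).digest()
        # Ratchet the state so a later compromise cannot recover this output.
        self._state = hashlib.sha256(b"ratchet" + self._state).digest()
        # Require fresh trusted input before the next extraction.
        self._seen = set()
        return out[:nbytes]


def demo():
    """Mix a trusted FPGA sample with a semi-trusted MCU sample (constructed bytes)."""
    # Constructed sample noise, not captured from real hardware.
    fpga_noise = bytes(range(32))
    m4_noise = b"\x00" * 32   # worst case: an attacker could predict this entirely
    mixer = EntropyMixer(trusted={"fpga_trng"}, untrusted={"m4_trng"})
    mixer.feed("fpga_trng", fpga_noise)
    mixer.feed("m4_trng", m4_noise)
    return mixer.extract(32)


if __name__ == "__main__":
    print(demo().hex())
    broken = EntropyMixer(trusted={"fpga_trng"}, untrusted={"m4_trng"})
    broken.feed("m4_trng", b"\x00" * 32)   # only the semi-trusted source is alive
    try:
        broken.extract(32)
    except EntropySourceUnavailable as e:
        print("refused:", e)
```

The reset of the seen-set after each extraction is the strict form of the policy: every block of output needs fresh input from every trusted source. A looser variant would reset on a timer or after a byte budget, but the fail-closed check itself stays the same.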