[Cryptech Tech] Alpha board main CPU change
Bernd Paysan
bernd at net2o.de
Sat May 30 18:48:22 UTC 2015
Am Samstag, 30. Mai 2015, 20:06:25 schrieb Jacob:
> From what I gather, it depends on the mixing method you use. If it is a
> good mixer, and you force an output failure from the RNG if any of the
> fully trusted entropy sources becomes unavailable (noting the Android
> Bitcoin address generation fiasco a few days ago), then it is beneficial
> to mix in even semi-questionable sources.
Indeed, any source that has a tiny bit of "unknown" in it is good. Even said
AES-encrypted counter is delivering a small bit of entropy into a pool: the
actual count value (which is unknown to the attacker unless said attacker can
directly get at the AES output and decrypt it).
> See for example the heated debate between Linux maintainer Theodore Ts'o
> and Intel RDRAND designer David Johnston at
> https://plus.google.com/+TheodoreTso/posts/SDcoemc9V3J
IMHO David Johnson does not understand that the loadable microcode part allows
Intel to subvert his random number generator.
The original code of RDRAND looks probably like this:
static char aeskey[16]=INTEL_INITIAL_KEY; // don't use rdrand too early after
boot
static int128_t counter;
char out[16];
if(entropy_bytes >= 32) {
char entropy[32];
counter = 0;
rdentropy(entropy, 32);
aes_encrypt(aeskey, entropy, entropy+16);
// use AES to condense 256 bits to 128 random looking bits as key
}
aes_encrypt(out, aeskey, &counter);
counter++;
All is fine. To subvert it, change that to:
static char aeskey[16]=NSA_AES_KEY;
static int128_t counter;
char out[16];
if(entropy_bytes >= 32) {
char entropy[32];
counter = 0; // leave in for timing
rdentropy(entropy, 32);
aes_encrypt(counter, entropy, entropy+16);
// use AES to condense 256 bits to 128 random looking bits as counter
}
aes_encrypt(out, aeskey, &counter);
counter++;
The device is still working perfectly. All tests on the output still work
perfectly. The NSA can extract information when they get raw readouts of
RDRAND, otherwise, it's still delivering valid entropy (by reseeding the
counter with actual random data).
Unless you have a microcode decompiler, you can't know what your BIOS actually
loads into the CPU.
A Cortex M4 has two sources for entropy that can possibly be used: The PRNG,
and the on-chip SRAM, which contains entropy after power-on.
--
Bernd Paysan
"If you want it done right, you have to do it yourself"
net2o ID: kQusJzA;7*?t=uy at X}1GWr!+0qqp_Cn176t4(dQ*
http://bernd-paysan.de/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cryptech.is/archives/tech/attachments/20150530/fc7e17ed/attachment.sig>
More information about the Tech
mailing list