[Cryptech Tech] Seeking comments on a proposal for changes to the Cryptech RNG design.

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Mar 27 23:32:42 UTC 2018

Joachim Strömbergson <joachim.strombergson at assured.se> writes:

>Note that we second entropy source based on avalanche noise in a PN junction.
>Designed by Fredrik Thulin.

Is there a backup non-physical source in case the physical ones fail or are
persuaded to fail?  If you look at the Capstone RNG, designed by guys who
really know about failure modes of crypto hardware, they also have a CTR-mode
PRNG driven from an internal seed, and an internal counter to ensure that some
state changes occur even if the dynamic randomness-generation locks up.  It's
a really good belt-and-suspenders design, the sort of thing I'd do if given
the chance (I'm a big fan of safety-oriented redundancy in security designs).


More information about the Tech mailing list