On 2010-07-19 03:18 PDT, Konstantin Andreev wrote:

> Let's assume I have a high-quality hardware true random number source,
> conformant to all relevant standards (e.g. FIPS 140-1): token "B".
> The token vendor cares about a standard API to the token and provides
> a PKCS#11 library.
> 
> Indeed, there are very good commercial true RNGs, and the only API to them
> we can rely on is PKCS#11.

Right.  You can use their output as additional input to the internal PRNG in
another token.

> It is obvious that a hardware RNG is more secure than softoken's builtin
> one. Is it achievable to make softoken use the hardware RNG all the time,
> whether or not it is FIPS-compatible?

You would have to modify softoken in a way that would make it no longer
FIPS compliant.

Simpler would be to frequently take random output from one and feed it as
additional input to the other through the PKCS#11 function C_SeedRandom.

> Maybe chaining two FIPS-compliant devices will result in a FIPS-compliant
> aggregate device?
> 
> Application --(sign_req)--> Mozilla softoken --(C_GenerateRandom)-->
> hardware RNG

If softoken were to use an external hardware RNG as its ONLY RNG (as opposed
to considering it as a source of "additional input" to softoken's own RNG),
then the only way that softoken could claim FIPS compliance would be if
softoken was FIPS certified together with that hardware RNG.  That hardware
RNG would be considered inside of the softoken's perimeter.
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
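The C_GenerateRandom-to-C_SeedRandom chaining suggested in the reply above, as an added example that is not code from the thread or from NSS. The PKCS#11 typedefs and constants are the standard ones from pkcs11.h, declared inline so the file compiles without the header; fake_generate and fake_seed are constructed stand-ins for the two modules' function-list entries, which a real program would obtain from each library's C_GetFunctionList().

```c
#include <stddef.h>
#include <string.h>

/* Standard PKCS#11 types and return codes (normally from pkcs11.h). */
typedef unsigned long CK_ULONG;
typedef CK_ULONG CK_RV;
typedef CK_ULONG CK_SESSION_HANDLE;
typedef unsigned char CK_BYTE;
typedef CK_BYTE *CK_BYTE_PTR;
#define CKR_OK            0UL
#define CKR_ARGUMENTS_BAD 7UL

/* C_GenerateRandom and C_SeedRandom share this signature in pkcs11.h. */
typedef CK_RV (*ck_random_fn)(CK_SESSION_HANDLE, CK_BYTE_PTR, CK_ULONG);

/* Pull nbytes from the hardware RNG session (token B) and hand them to the
 * softoken session as additional seed input. Returns CKR_OK or the first
 * PKCS#11 error seen. Meant to be called periodically, e.g. before each
 * batch of key or nonce generation. */
CK_RV reseed_from_hw(ck_random_fn hw_generate, CK_SESSION_HANDLE hw_sess,
                     ck_random_fn sw_seed, CK_SESSION_HANDLE sw_sess,
                     CK_ULONG nbytes)
{
    CK_BYTE buf[64];
    volatile CK_BYTE *wipe = buf;
    CK_RV rv;

    if (nbytes == 0 || nbytes > sizeof buf)
        return CKR_ARGUMENTS_BAD;

    rv = hw_generate(hw_sess, buf, nbytes);   /* token B: C_GenerateRandom */
    if (rv == CKR_OK)
        rv = sw_seed(sw_sess, buf, nbytes);   /* softoken: C_SeedRandom */

    /* Entropy passed to the PRNG must not linger in our memory; the
     * volatile write keeps the compiler from dropping the wipe. */
    for (size_t i = 0; i < sizeof buf; i++)
        wipe[i] = 0;
    return rv;
}

/* Constructed stand-ins so the file runs without a token: the "hardware"
 * emits a fixed pattern and the "softoken" records what it was fed. */
static CK_BYTE g_seeded[64];
static CK_ULONG g_seeded_len;

static CK_RV fake_generate(CK_SESSION_HANDLE s, CK_BYTE_PTR out, CK_ULONG n)
{
    (void)s;
    for (CK_ULONG i = 0; i < n; i++)
        out[i] = (CK_BYTE)(0xA5 ^ i);
    return CKR_OK;
}

static CK_RV fake_seed(CK_SESSION_HANDLE s, CK_BYTE_PTR in, CK_ULONG n)
{
    (void)s;
    memcpy(g_seeded, in, n);
    g_seeded_len = n;
    return CKR_OK;
}
```

With real modules the two session handles come from C_OpenSession on the hardware token's slot and on softoken's slot respectively; softoken still runs its own FIPS-approved PRNG, so this adds entropy without changing its certification boundary.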