David Honig wrote:
> At 08:56 PM 1/20/99 +0000, Ben Laurie wrote:
> >Steve Bellovin wrote:
> >>
> >> Intel has announced a number of interesting things at the RSA conference.
> >> The most important, to me, is the inclusion of a hardware random number
> >> generator (based on thermal noise) in the Pentium III instruction set.
> >> They also announced hardware support for IPSEC.
> >
> >An interesting question (for me, at least) is: how will I know that the
> >hardware RNG is really producing stuff based on thermal noise, and not,
> >say, on the serial number, some secret known to Intel, and a PRNG?
> >
>
> You would have to reverse engineer random samples of the chip to gain
> *some* confidence. Intel could make this easier by providing
> their "source" and tool flow, from specs to a HDL to synthesis to layout.
>
> There are, I am told, commercial firms who will give you a netlist given
> *only* a sample chip and lots of money.
>
> And there's of course Ross Anderson and Marcus Kuhn and their
> chip-stripping labs..
>
Intel is one manufacturer of the COMSEC module in the STU's. They also
manufacture(d) a random noise module used in them.
It says they have the expertise.
