Peter Gutmann skrev:
The worst case is a change in the environment or manufacturing process, which
typically occurs without the end user even knowing about it.  You simply can't
guarantee anything about RAM state as an RNG source, you'd have to prove a
negative (no change in manufacturing technology or the environment will affect
the quality of the source) in order to succeed.  It's like the thread-timing-
based RNGs, you can never prove that some current variation of or future
change to the scheduler won't result in totally predictable "random" numbers.

One could add test functionality that checks the randomness of the initial SRAM state after power on. But somehow I don't think a good test suite and extremely low cost devices (for example RFID chips) are very compatible concepts.

Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
Kryptoblog - IT-säkerhet på svenska

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to