On Tue, 18 Sep 2007, James A. Donald wrote:

Using SRAM as a source of either randomness or unique
device ID is fragile.  It might well work, but one
cannot know with any great confidence that it is going
to work.  It might work fine for every device for a
year, and then next batch arrives, and it completely
fails.  Worse still, it might work fine on the test
batch, and then on the production run fail in ways that
are subtle and not immediately obvious.

And you might get better results from cheaper ram which may fail more often. (Adding a different sort of randomness.)

I have a friend who is a hardware engineer who is preparing a talk on just this sort of issue with the state of DRAM chips. It will be interesting to see what he says. (For those people in Portland, OR, it will be given at the PLUG Advanced Topics meeting sometime early next year.)

Never trust a queue structure designed by a cryptographer.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to