> Intel still has not released raw access to their entropy sources;
> RDRAND and RDSEED both passing through the conditioner (AES-CBC-MAC),
> RDRAND also munged via AES CTR_DRBG (per NIST).
The more I think about it, the less it makes sense. The possible user base for in-CPU HW random equals approximately 7 globally: the different operating systems we have. Any user-mode programs accessing any entropy sources directly are just doing it wrong. But operating systems do not need processed randomness at all. They already have entropy collectors and randomness extractors. All they need are reliable and rich entropy sources, together with a low estimate of their entropy content. They can easily add the CPU generator as another source, and we are good to go.

Yes, there are a few applications that need an independent random source, for whatever reason. Those applications are written by experts, and they are quite capable of writing their own randomness extractor. In fact they *must* write their own extractor.

tl;dr: adding a processing layer to the HW generator benefits no one, and there is no way Intel did not know that. It stinks. It stinks bad.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
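The arrangement the post argues for, an OS-side pool that takes raw samples from several sources, credits each source at a deliberately low entropy estimate, and runs its own extractor so that no per-source conditioning is needed, shown as an added, constructed example. This is not code from the post, from Intel, or from any operating system's RNG; the source names, the per-byte credit rates and the HMAC-SHA-256 mixing and extraction are assumptions made for illustration.

```python
"""Toy entropy pool in the style the post describes.

Raw samples from any number of sources are mixed into one pool; each source
is credited at a conservative (assumed) entropy rate; output is extracted
only once the credited entropy covers the request. Constructed example,
not any real kernel's design.
"""
import hashlib
import hmac


class EntropyPool:
    # A registered source maps to the entropy credited per input byte.
    # The rates are the pool operator's *low* estimate, not the source's claim.
    def __init__(self):
        self._pool = b"\x00" * 32          # 256-bit mixing state
        self._credited_bits = 0.0          # entropy the pool is willing to vouch for
        self._sources = {}                 # name -> bits credited per byte

    def register_source(self, name, bits_per_byte):
        if not 0 < bits_per_byte <= 8:
            raise ValueError("credit must be in (0, 8] bits per byte")
        self._sources[name] = bits_per_byte

    def add(self, name, sample):
        """Mix a raw sample in; sample bytes need no pre-conditioning."""
        rate = self._sources[name]
        # Keyed mixing: the old pool keys an HMAC over (source id || sample),
        # so a weak or attacker-known sample cannot undo earlier contributions.
        self._pool = hmac.new(self._pool, name.encode() + b"\x00" + sample,
                              hashlib.sha256).digest()
        # Credit is capped at the pool size; extra input still mixes in.
        self._credited_bits = min(256.0, self._credited_bits + rate * len(sample))

    def available_bits(self):
        return self._credited_bits

    def extract(self, nbytes):
        """Return nbytes of output, or refuse if credited entropy is short."""
        need = nbytes * 8
        if need > self._credited_bits:
            raise RuntimeError("insufficient credited entropy: %d < %d"
                               % (self._credited_bits, need))
        out = b""
        counter = 0
        while len(out) < nbytes:
            out += hmac.new(self._pool, b"extract" + counter.to_bytes(4, "big"),
                            hashlib.sha256).digest()
            counter += 1
        # Re-key the pool after every extraction so output does not reveal state.
        self._pool = hmac.new(self._pool, b"rekey", hashlib.sha256).digest()
        self._credited_bits -= need
        return out[:nbytes]


def demo():
    """Add a CPU generator as one more source at a low credit and pull output."""
    pool = EntropyPool()
    pool.register_source("timer_jitter", 1.0)   # assumed rate
    pool.register_source("cpu_rng", 0.5)        # assumed, deliberately low rate
    # Constructed sample bytes standing in for 64 raw CPU RNG reads.
    pool.add("cpu_rng", bytes(range(64)))
    before = pool.available_bits()              # 32.0 bits credited
    out = pool.extract(4)                       # 32 bits requested: allowed
    after = pool.available_bits()               # 0.0 bits left
    return before, out, after


if __name__ == "__main__":
    b, o, a = demo()
    print("credited before: %.1f, output: %s, credited after: %.1f" % (b, o.hex(), a))
```

The point of the credit table is the one the post makes: the OS decides how much to trust each source, so a CPU generator credited at a fraction of a bit per byte is useful as an input without the OS ever depending on its conditioner.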
