On 6/10/2016 4:50 PM, Jeffrey Walton wrote:
Ouch... just came across this...
https://community.oracle.com/thread/2565486?start=0&tstart=0

I did not think it was possible to foul the hardware generated random
numbers (sans an occasional underflow).

Jeff
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

While the code doesn't follow the SDG guidelines (i.e., it doesn't check the return status and it doesn't check for instruction support), it should work, because RdRand doesn't underflow in any of our chips. Is this running in a VM or on bare metal? A VM intercept could cause it to happen. Also, if you did get an underflow, the resulting value passed to the pointed-to location would be 0.

I tried compiling that code on an Ivy Bridge machine running Linux, but it failed to compile.

>gcc rdrand.c -o rdrand
rdrand.c:1:29: fatal error: sys/immintrin.h: No such file or directory
compilation terminated.

So I pointed the header to the right place and spent an eternity finding that I needed the -mrdrnd target flag to make the intrinsic happy.

#include <sys/immintrin.h>  --> #include <immintrin.h>

>gcc -mrdrnd rdrand.c -o rdrand

and of course it worked. (Also check out this fine example of Benford's law resulting from the base change to decimal.)

>./rdrand
 47548    1558559191     2755117154251474975
 50537    3898659232     2936332874890231466
 40031    1552195508    10170037297392088344
  5444    1986582987    12501565610254954363
 51634    1349842509    17357073879924565963
 59068    1088061637     3243797942283965136
 25115    1206811090    13419374814453446609
  5749    1685023546    13986067242084897708
 36940    1839303180    17932264519825487916
 20741    1220949897     4022801322442653892

So it must be some sort of compiler bug or VM problem.

We work with many vendors to make sure the RdRand and RdSeed support is done correctly and securely. So I'd like to make sure this is resolved.

DJ



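The two checks DJ says the posted program skips (CPUID feature detection before executing RDRAND, and testing the carry-flag status after each RDRAND) are easy to get right. Below is an added example, not code from the thread or from Intel, showing the defensive pattern: the CPUID bit is from the Intel SDM (CPUID.01H:ECX bit 30), the instruction is emitted as raw bytes so no -mrdrnd flag is needed, and the retry limit of 10 is the figure given in Intel's DRNG Software Implementation Guide. The all-zero sanity test at the end is an assumption of mine: since an underflow with CF=0 writes 0 to the destination, a buffer that comes back entirely zero is the symptom an unchecked caller would silently accept. On non-x86-64 hosts the functions report "unsupported" instead of crashing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#if defined(__x86_64__) && defined(__GNUC__)
#include <cpuid.h>
#define HAVE_RDRAND_ASM 1
#else
#define HAVE_RDRAND_ASM 0
#endif

/* Step 1 (per the SDM): CPUID leaf 1, ECX bit 30 advertises RDRAND. */
int rdrand_supported(void)
{
#if HAVE_RDRAND_ASM
    unsigned eax, ebx, ecx, edx;
    if (!__get_cpuid(1, &eax, &ebx, &ecx, &edx))
        return 0;
    return (ecx & (1u << 30)) != 0;
#else
    return 0;
#endif
}

/* One RDRAND attempt. Returns 1 when the hardware set CF=1 (valid data),
 * 0 on CF=0 (underflow; the destination register is then 0, as DJ notes).
 * Bytes 48 0F C7 F0 encode "rdrand %rax", so no -mrdrnd flag is required. */
static int rdrand64_step(uint64_t *out)
{
#if HAVE_RDRAND_ASM
    unsigned char ok;
    __asm__ volatile(".byte 0x48, 0x0f, 0xc7, 0xf0\n\t"
                     "setc %1"
                     : "=a"(*out), "=qm"(ok)
                     :
                     : "cc");
    return ok;
#else
    (void)out;
    return 0;
#endif
}

/* Step 2: fill buf with n bytes, retrying each underflow up to 10 times
 * (the limit Intel's DRNG guide recommends). Returns 0 on success, -1 if
 * RDRAND is unsupported or keeps returning no data. */
int rdrand_fill(void *buf, size_t n)
{
    if (!rdrand_supported())
        return -1;
    unsigned char *p = buf;
    while (n > 0) {
        uint64_t v;
        int tries = 0;
        while (!rdrand64_step(&v)) {
            if (++tries >= 10)
                return -1;
        }
        size_t k = n < sizeof v ? n : sizeof v;
        memcpy(p, &v, k);
        p += k;
        n -= k;
    }
    return 0;
}

/* Sanity demo (my own check, not from the thread): a 256-bit all-zero output
 * is what an unchecked CF=0 would yield; a working DRNG never produces it.
 * Returns 1 if the buffer looks live, 0 if it is all zero, -1 if unsupported. */
int rdrand_demo(void)
{
    uint8_t buf[32];
    if (rdrand_fill(buf, sizeof buf) != 0)
        return -1;
    unsigned acc = 0;
    for (size_t i = 0; i < sizeof buf; i++)
        acc |= buf[i];
    return acc ? 1 : 0;
}

int main(void)
{
    uint8_t buf[32];
    if (rdrand_fill(buf, sizeof buf) != 0) {
        puts("RDRAND unsupported or persistently underflowing");
        return 1;
    }
    for (size_t i = 0; i < sizeof buf; i++)
        printf("%02x", buf[i]);
    putchar('\n');
    return 0;
}
```

On a VM, rdrand_supported() reflects the CPUID leaf the hypervisor exposes, so a guest that hides the feature bit fails cleanly at step 1 instead of faulting with #UD on the instruction.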
