> As an unrelated but funny aside, I once heard about a expensive, high > assurance device with a embedded bi-stable circuit for producing high quality > hardware random numbers. As part of a rigorous validation and review process > in order to guarantee product quality, the instability was noticed and > corrected late in the development process, and final testing showed that the > output of the key generator was completely free of any pesky one bits that > might interfere with the purity of all zero keys. >
More perniciously, an excellent PRNG algorithm will "whiten" sufficiently that the standard statistical tests will not be able to distinguish the random output stream as completely lacking in seed entropy. I believe the CC EAL target evaluations standards require that during the testing a mode be enabled to access the raw uncleaned, pre-algorithmic-balancing, values so that tests can be incorporated to check the raw entropy source for that issue. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
