===============================================
-----Original Message-----
From: "Paul Gilmartin" <[EMAIL PROTECTED]>
Sent: 6/29/2006 2:25 PM
To: "[email protected]" <[email protected]>
Subject: Cryptographic Coprocessor and Random Numbers
I posted most of this to a thread on MVS-OE, but I wonder
if more information might be available on this list?
> Why isn't there an emulation if the hardware is not available?
>
In:
Title: zSeries Platform Test Report for z/OS and Linux Virtual Servers
Document Number: SA22-7997-02
| The /dev/random and /dev/urandom Character Special devices provide
| cryptographically secure random output generated from the hardware
| cryptographic feature available on the zSeries. The foundation of this
| random number generator is a time variant input with a very low
| probability of recycling. These device files require ICSF and either
| Cryptographic Coprocessor Feature or PCI X Cryptographic Coprocessor
| depending on the model of the zSeries server.
This tells precious little of whether the hardware generates
physically random or pseudorandom numbers. If the former,
emulation in software is logically impossible.
Might there be a white paper on this?
-- gil
--
StorageTek
INFORMATION made POWERFUL
===============================================
It is described in Principles of Operation SA22-7832-04
under the KMC-PRNG instruction. It is deterministic;
the same inputs yield the same outputs. ANSI X9.17
algorithm.
Jeffrey D. Smith
Farsight Systems Corporation
24 BURLINGTON DR
LONGMONT, CO 80501
303-774-9381 direct
303-709-8153 cell
303-484-6170 fax
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
