A question to the experts:
I fully understand the trust gained by having a custom-made external analog TRNG as we do here, but wouldn't it be better to XOR the bitstream received from our generator with the one embedded in the CPU(*)? I mean, if the CPU's TRNG is tainted, we will not be worse off, and if it is not, the board will probably exhibit higher security in case our generator has some issues.
(*) from the STM32F429 datasheet: All devices embed an RNG that delivers 32-bit random numbers generated by an integrated analog circuit
(analog noise feeding into a shift register)
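The XOR-combining reasoning in the question, as an added example that is not part of the original post or of the Cryptech code: it computes and simulates the bias of the XOR of two bit streams, including the case where the two streams are not independent, which is the assumption the "not worse off" argument rests on. The bias values, the constructed sample streams and all function names are assumptions made for illustration.

```python
import random

def xor_p_one(p_a, p_b):
    """P(a ^ b = 1) for independent bits with P(a=1)=p_a and P(b=1)=p_b."""
    return p_a * (1 - p_b) + (1 - p_a) * p_b

def biased_bits(p_one, n, rng):
    """Constructed sample stream: n independent bits, each 1 with probability p_one."""
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def xor_streams(a, b):
    """Bitwise XOR of two equal-length bit lists."""
    return [x ^ y for x, y in zip(a, b)]

def ones_fraction(bits):
    return sum(bits) / len(bits)

def demo(n=200_000, seed=1):
    """Compare the external stream alone with three XOR-combined variants."""
    rng = random.Random(seed)
    external = biased_bits(0.55, n, rng)   # assumed fault: external TRNG gives 55% ones
    onchip_ok = biased_bits(0.50, n, rng)  # healthy on-chip RNG, independent of external
    onchip_stuck = [1] * n                 # on-chip RNG stuck at 1, still independent
    onchip_copy = list(external)           # on-chip output fully correlated with external
    return {
        "external_alone": ones_fraction(external),
        # Independent uniform partner: the external bias is removed.
        "xor_healthy": ones_fraction(xor_streams(external, onchip_ok)),
        # Constant partner: bits are inverted, bias magnitude is unchanged (not worse).
        "xor_stuck": ones_fraction(xor_streams(external, onchip_stuck)),
        # Correlated partner: independence fails and the output collapses to zeros.
        "xor_correlated": ones_fraction(xor_streams(external, onchip_copy)),
    }

if __name__ == "__main__":
    for name, frac in demo().items():
        print(f"{name:15s} fraction of ones = {frac:.4f}")
    # Two independent biased sources: deviation from 0.5 is 2 * 0.05 * 0.10 = 0.01.
    print("P(1) for 0.55 XOR 0.60 =", round(xor_p_one(0.55, 0.60), 4))
```
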