> But in any case trust isn't an on-off thing in my opinion. I can trust
> the TPM chip to be a layer keeping my keys safer, without necessarily
> having the same trust in its key generator. I remember seeing an
> article recently that said for a certain class of US government crypto
> devices all keys are generated at the NSA, and are sent to these
> devices.
According to the TCG specs a TPM chip is supposed to implement a True RNG, so there shouldn't be any PRNG/DRNG inside. If you are concerned about NSA back doors in some algorithms, then the TPM should be of least concern. I couldn't find any info on what types of True RNG are used inside TPM chips, but I remember reading about Infineon using the dual-oscillator phase deviation method in their smart cards, so I would assume they would use the same technology in their TPMs.

So, the only real concern for me would be the quality of the post-processing of the random data, and here is a link to a research paper http://arxiv.org/ftp/arxiv/papers/1008/1008.2223.pdf that also analyzes the entropy of RNGs. The bottom line is that it is quite good.

My take on this is that with the current state of technology one could think of using the TPM's RNG for seeding entropy into the system rather than going the other way around (something like the 'ekeyd' daemon for Linux but backed by a TPM chip instead ;-).

-Dmitri

_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
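The TPM-backed entropy daemon Dmitri floats above, as an added example (my code, not TrouSerS code and not something from this thread): read bytes from a TPM RNG device, run the two SP 800-90B continuous health tests (repetition count and adaptive proportion) on them, and only then credit the kernel pool through the RNDADDENTROPY ioctl. Assumptions: Linux; the TPM's RNG is reachable as a character device at SOURCE (/dev/hwrng with the kernel's tpm-rng driver is one such path; with a TSS 1.2 stack you would instead pull bytes through Tspi_TPM_GetRandom); H_BITS, ALPHA and WINDOW are illustrative parameter choices; and the health tests are a minimal reading of SP 800-90B section 4.4, not a certified implementation.

```python
"""TPM-fed entropy feeder sketch (added example, not TrouSerS code).

Reads raw bytes from a hardware RNG device, runs the SP 800-90B
Repetition Count Test and Adaptive Proportion Test on them, and credits
the kernel entropy pool via the RNDADDENTROPY ioctl. Assumes Linux and a
TPM RNG exposed as a character device (SOURCE).
"""
import fcntl
import math
import os
import struct

SOURCE = "/dev/hwrng"        # assumption: TPM RNG exposed here (tpm-rng driver)
H_BITS = 8                   # entropy claimed per 8-bit sample; 8 is the best
                             # case, a real deployment would use a measured figure
ALPHA = 2.0 ** -30           # per-test false-alarm probability (SP 800-90B)
WINDOW = 512                 # APT window size for non-binary samples
RNDADDENTROPY = 0x40085203   # _IOW('R', 0x03, int[2]) from <linux/random.h>


def rct_cutoff(h_bits=H_BITS, alpha=ALPHA):
    """Repetition Count Test cutoff: 1 + ceil(-log2(alpha) / H)."""
    return 1 + math.ceil(-math.log2(alpha) / h_bits)


def apt_cutoff(h_bits=H_BITS, window=WINDOW, alpha=ALPHA):
    """Adaptive Proportion Test cutoff: smallest C such that
    P(Binomial(window, 2^-H) >= C) <= alpha."""
    p = 2.0 ** -h_bits
    pmf = (1.0 - p) ** window    # P(X = 0); later terms via the pmf recurrence
    tail = 1.0                   # P(X >= c), starting at c = 0
    for c in range(window + 1):
        if tail <= alpha:
            return c
        tail -= pmf
        pmf *= (window - c) / (c + 1) * p / (1.0 - p)
    return window + 1


def repetition_count_test(data, cutoff=None):
    """Fail if any sample value repeats `cutoff` or more times in a row."""
    if cutoff is None:
        cutoff = rct_cutoff()
    run, prev = 0, None
    for b in data:
        run = run + 1 if b == prev else 1
        prev = b
        if run >= cutoff:
            return False
    return True


def adaptive_proportion_test(data, cutoff=None, window=WINDOW):
    """For each full window, count how often its first sample occurs in the
    window (the first sample itself counts); fail if that reaches cutoff."""
    if cutoff is None:
        cutoff = apt_cutoff()
    for start in range(0, len(data) - window + 1, window):
        block = data[start:start + window]
        if block.count(block[0]) >= cutoff:
            return False
    return True


def health_check(data):
    """Both continuous tests must pass before the bytes are trusted."""
    return repetition_count_test(data) and adaptive_proportion_test(data)


def credit_kernel_pool(data, h_bits=H_BITS, dev="/dev/random"):
    """Hand `data` to the kernel via RNDADDENTROPY, crediting h_bits per
    byte. struct rand_pool_info is {int entropy_count; int buf_size; u32 buf[]}.
    Requires CAP_SYS_ADMIN."""
    buf = bytearray(struct.pack("ii", h_bits * len(data), len(data)) + data)
    fd = os.open(dev, os.O_WRONLY)
    try:
        fcntl.ioctl(fd, RNDADDENTROPY, buf)
    finally:
        os.close(fd)


def feed_once(source=SOURCE, nbytes=WINDOW * 2):
    """One daemon iteration: read, health-test, credit. True if credited."""
    with open(source, "rb") as f:
        data = f.read(nbytes)
    if len(data) != nbytes or not health_check(data):
        return False   # short read or stuck/biased output: credit nothing
    credit_kernel_pool(data)
    return True


if __name__ == "__main__":
    print("credited" if feed_once() else "health test failed, nothing credited")
```

Run it as root in a loop (or under a sleep) to get the ekeyd-like behaviour; the health tests are what address the post-processing concern, since a stuck or heavily biased TPM output is rejected before any entropy is credited, at a 2^-30 false-alarm rate per window.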
