SSD drives

Oleg Goldshmidt pub at goldshmidt.org
Thu Jan 3 15:13:27 IST 2013


On Thu, Jan 3, 2013 at 12:31 PM, Elazar Leibovich <elazarl at gmail.com> wrote:
> Instead of assuming, you should've used Google ;-)

Yes, but I am at work. ;-)

>
> To my (limited, I'm far from a crypto expert) understanding, Intel of course
> also seeds the PRNG with a true random number generator, and it complies
> with the NIST standard for randomness.

Well, I took your admonition to heart, and Googled.

The link you provided

> http://software.intel.com/en-us/blogs/2012/11/17/the-difference-between-rdrand-and-rdseed

says that Intel have two instructions, RDRAND and RDSEED, and the
latter is supposed to be a "True RNG" (TRNG) or an "enhanced
non-deterministic random number generator" (ENRNG).

I have not found a description of how RDSEED works anywhere (if anyone
knows, please tell me).

According to NIST,

http://csrc.nist.gov/groups/ST/toolkit/random_number.html

"true" and "non-deterministic" RNGs are one and the same thing, and
what we call PRNG is termed "deterministic RNG", or DRNG. I have no
idea what "enhanced NRGS" might be - Google returned nothing useful for
all the variants that I tried so far (full words, abbreviations, etc.)
So much for terminology.

According to the same NIST page, there are no NIST-approved TRNGs
today. What "compliant" means on the Intel page above is not quite
clear to me.

I'd say that it is up to Intel to prove that their TRNG design is
truly non-deterministic. So far I have not seen anything about it.
(This does not mean that documentation does not exist, or has not been
peer-reviewed, or whatever. It means exactly what I wrote.) Designing
a truly non-deterministic source is very difficult. Various
considerations and discussions *can* be googled for.

-- 
Oleg Goldshmidt | pub at goldshmidt.org


