[39646] in Cypherpunks
Re: Project: a standard cell random number generator
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Wed Sep 20 18:36:18 1995
To: John Gilmore <gnu@toad.com>
Cc: cypherpunks@toad.com, diffie@eng.sun.com
In-Reply-To: Your message of "Wed, 20 Sep 1995 14:50:14 PDT."
<9509202150.AA08164@toad.com>
Reply-To: perry@piermont.com
Date: Wed, 20 Sep 1995 18:27:38 -0400
From: "Perry E. Metzger" <perry@piermont.com>
On this same track, I suggest that "/dev/random" devices for unix are
an excellent idea. Ted Tso did one for Linux that steals all the bits
of semi-random timing information it can. Such a driver has the
feature that it can be plugged into either a software pseudodriver or
a hardware device if one is available.
John Gilmore writes:
> Do we know any solid state physics / circuit design experts who think
> this might be a fun thing to do? I bet you could get a paper out of
> it. And probably improve the world a few years later, when companies
> used your paper to close another hole in their computer security.
There are companies that sell hardware RNGs -- Newbridge, for instance
-- but they charge an arm and a leg for them.
There is also a company that I got literature from that sells RS232
interfaceable radiation detectors, which I have thought about using
for this purpose, but they are also way too expensive.
As you say, what one really needs is something that fits in a small
section of a chip. Unfortunately, this stuff is very delicate analog
-- not the usual thing you find in standard cell -- and very easy to
screw up.
> PS: It's possible that NSA collusion with chip-makers could produce
> bad pseudo-random-number generators in popular chips, giving NSA a
> back-door into any algorithm that used them. This would be harder to
> detect than poor software random number generators, since it requires
> prying the lid off the chip, getting out your microscope, and
> reverse-engineering the circuit, instead of just disassembling the
> software. In this sense, NSA ought to be *encouraging* Intel and
> IBM and Motorola to put "generate random bits" instructions into
> their instruction sets...
An interesting concept!
Perry
