[115103] in cryptography@c2.net mail archive
Re: Toshiba shows 2Mbps hardware RNG
daemon@ATHENA.MIT.EDU (Dirk-Willem van Gulik)
Thu Feb 14 17:49:29 2008
From: Dirk-Willem van Gulik <dirkx@webweaving.org>
To: cryptography@metzdowd.com
In-Reply-To: <E1JO2SG-0002a3-Ev@wintermute01.cs.auckland.ac.nz>
Date: Thu, 14 Feb 2008 12:49:56 +0100
On Feb 10, 2008, at 4:02 AM, Peter Gutmann wrote:
>> The device generates random numbers at a data rate of 2.0 megabits
>> a second, according to Toshiba in a paper presented at the
>> International Solid-State Circuits Conference (ISSCC) here.
>
> I've always wondered why RNG speed is such a big deal for anything but a few
> highly specialised applications. For security use you've got two options:
Assuming that it is impossible to introduce a bias externally and the
randomness can be specifically cryptographically qualified - and such
can be cheaply explained to an auditor - I can see a fair bit of use
to reduce the 'cost' you spend on convincing that same auditor that
your poker, roulette, etc site is fair, that you are keying all your
RSA/DH/whatever exchanges off the right randomness, etc.
I've had cases where a simple nonce (which was just required to be
different each time, so an i++ would do, not even unpredictable) ended
up being changed into some sha1() of some i++ ^ RNG -- as that was the
quicker way to get something argued live. So being able to wave a
magic wand over a large part of your infrastructure may be just the
ticket.
Dw
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com