[141419] in cryptography@c2.net mail archive


Re: very high speed hardware RNG

daemon@ATHENA.MIT.EDU (Jack Lloyd)
Tue Dec 30 10:05:43 2008

Date: Sun, 28 Dec 2008 23:49:06 -0500
From: Jack Lloyd <lloyd@randombit.net>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <8763l3239y.fsf@snark.cb.piermont.com>

On Sun, Dec 28, 2008 at 08:12:09PM -0500, Perry E. Metzger wrote:
> 
> Semiconductor laser based RNG with rates in the gigabits per second.
> 
> http://www.physorg.com/news148660964.html
> 
> My take: neat, but not as important as simply including a decent
> hardware RNG (even a slow one) in all PC chipsets would be.

I've been thinking that much better than a chipset addition (which is
only accessible by the OS kernel in most environments) would be a
simple ring-3 (or equivalent) accessible instruction that writes 32 or
64 bits of randomness from a per-core hardware RNG, something like

; write 32 bits of entropy from the hardware RNG to eax register
rdrandom %eax

This would allow user applications to access a good hardware RNG
directly, in addition to allowing the OS to read bits to seed the
system PRNG (/dev/random, CryptGenRandom, or similar).

I think the JVM in particular could benefit from such an extension, as
the abstractions it puts into place otherwise prevent most of the
methods one might use to gather high-quality entropy for a PRNG seed.

-Jack

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
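The hypothetical `rdrandom %eax` above later got a real counterpart in Intel's RDRAND instruction (Ivy Bridge, 2012), a user-mode instruction that writes random bits to a register and reports in the carry flag whether any were ready. The C below is an added example, not code from the original post or the list: it probes CPUID before touching the instruction, retries on a clear carry flag, and refuses to return a partial buffer; the function names and the 13-byte buffer in the usage are the example's own, and on a non-x86 build it simply reports the feature as absent.

```c
#include <stdint.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif
/* CPUID.01H:ECX bit 30 advertises RDRAND; running it blind risks #UD (SIGILL). */
int hw_rng_available(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int a, b, c, d;
    return __get_cpuid(1, &a, &b, &c, &d) && ((c >> 30) & 1);
#else
    return 0;                   /* non-x86 build: no such instruction */
#endif
}

/* One RDRAND attempt: CF=1 means 32 fresh bits are in *out; CF=0 means
 * nothing was ready and the register contents must be discarded. */
static int hw_rng_step32(uint32_t *out)
{
    unsigned char ok = 0;
#if defined(__x86_64__) || defined(__i386__)
    __asm__ volatile("rdrand %0; setc %1" : "=r"(*out), "=qm"(ok) : : "cc");
#else
    *out = 0;
#endif
    return ok;
}

/* Fill buf with n bytes of hardware entropy, retrying each word up to 10
 * times (Intel's guidance). Returns n on success, or 0 with buf zeroed if
 * RDRAND is absent or kept failing: fall back to the OS seed source then. */
size_t hw_rng_fill(unsigned char *buf, size_t n)
{
    size_t done = 0;
    if (!hw_rng_available())
        return 0;
    while (done < n) {
        uint32_t word;
        int ok = 0;
        for (int tries = 0; tries < 10 && !ok; tries++)
            ok = hw_rng_step32(&word);
        if (!ok) { memset(buf, 0, n); return 0; }  /* no partial buffer */
        size_t take = n - done < 4 ? n - done : 4;
        memcpy(buf + done, &word, take);
        done += take;
    }
    return done;
}
```

The same pattern applies to the OS seeding case Jack mentions: the kernel mixes the returned words into its pool rather than exposing them raw, and treats a 0 return as "no hardware entropy this time".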
