[6555] in cryptography@c2.net mail archive
Re: [PGP]: PGP 6.5.2 Random Number Generator (RNG) support
daemon@ATHENA.MIT.EDU (Eric Murray)
Wed Feb 2 16:08:14 2000
Message-ID: <20000202124301.43404@slack.lne.com>
Date: Wed, 2 Feb 2000 12:43:01 -0800
From: Eric Murray <ericm@lne.com>
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: Eric Murray <ericm@lne.com>, Dave Del Torto <ddt@lsd.com>,
Tom McCune <tmccune1@twcny.rr.com>,
William H Geiger III <whgiii@invweb.net>,
pgp-users@joshua.rivertown.net, Cryptography-C2 <cryptography@c2.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <v04210102b4be3ea40358@[24.218.56.92]>; from Arnold G. Reinhold on Wed, Feb 02, 2000 at 03:24:53PM -0500
On Wed, Feb 02, 2000 at 03:24:53PM -0500, Arnold G. Reinhold wrote:
> At 9:15 AM -0800 2/2/2000, Eric Murray wrote:
> >I've also received Intel security info under NDA (and nothing in
> >this post will violate same). I do not think that your point D is
> >fair; even if the Intel RNG is totally and utterly compromised, it's
> >not a threat to your security just by being there on the chip.
> >Something has to call it and use its output in a protocol.
> >I do agree with point B however.
>
> The threat to my security from Intel's RNG "just by being there on
> the chip" is that more and more encryption products will come to rely
> on the Intel RNG alone, or combined with some inadequate source of
> entropy like the system clock.
I see that as a general security engineering problem; it's not just Intel's
RNG which could be misused in this way, and people who write
crypto products can use poor/untrusted sources of entropy
other than Intel's RNG.
If you think that using untrusted/unverified/unknown RNGs is a problem,
then object-only crypto libs like BSAFE and MSCAPI are much more of a
problem than the Intel RNG currently is.
> Worse, more and more software vendors
> will adopt Intel's "trust us" attitude, and refuse to divulge details
> of their randomness generation. Some may even attempt to block
> reverse engineering that would expose their weaknesses, a la CSS.
Intel only wishes that they had that much power! :-)
I see the general trend going the other way, towards openness.
Not that we can relax vigilance however.
--
Eric Murray www.lne.com/~ericm ericm at the site lne.com PGP keyid:E03F65E5
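The engineering point argued in the message above, that a hardware RNG which may be compromised is only safe to use when it is combined with an independent entropy source, and that a system clock is not such a source, as an added example that is not part of the original message or of any PGP or Intel code. It assumes SHA-256 as the combining function; the all-zero buffer standing in for a fully compromised hardware RNG, the timestamp and the 60-second search window are constructed values chosen for the demonstration.

```python
import hashlib
import os
import struct
from typing import Optional

# Constructed stand-in for a hardware RNG whose output the attacker fully
# knows (the "totally and utterly compromised" case from the thread).
COMPROMISED_HW = b"\x00" * 32


def mix_entropy(*sources: bytes) -> bytes:
    """Hash-combine independent entropy inputs into one 32-byte seed.

    Each input is length-prefixed so (b"ab", b"c") and (b"a", b"bc") do not
    collide. With SHA-256 as the combiner, an input the attacker knows adds
    nothing, but it also cannot cancel what the other inputs contribute:
    the seed stays unpredictable as long as any one input is.
    """
    h = hashlib.sha256()
    for s in sources:
        h.update(struct.pack(">I", len(s)))
        h.update(s)
    return h.digest()


def clock_bytes(epoch_secs: int) -> bytes:
    """Encode a whole-second timestamp: the 'system clock' entropy source."""
    return struct.pack(">Q", epoch_secs)


def weak_seed(hw: bytes, epoch_secs: int) -> bytes:
    """The pattern criticised in the thread: hardware RNG plus clock, nothing else."""
    return mix_entropy(hw, clock_bytes(epoch_secs))


def robust_seed(hw: bytes, epoch_secs: int,
                os_entropy: Optional[bytes] = None) -> bytes:
    """Same inputs plus an independent source (here the OS entropy pool).

    The hardware RNG is still mixed in, so nothing is lost if it is good;
    if it is compromised, the OS pool alone keeps the seed unpredictable.
    """
    if os_entropy is None:
        os_entropy = os.urandom(32)
    return mix_entropy(hw, clock_bytes(epoch_secs), os_entropy)


def brute_force_clock(target_seed: bytes, known_hw: bytes,
                      centre: int, window: int) -> Optional[int]:
    """Attacker's search against a seed built as weak_seed() builds it.

    The attacker knows the hardware RNG output and knows the clock to within
    +/- window seconds, so every candidate clock value is hashed the same way
    the victim did. Returns the recovered timestamp, or None if no candidate
    reproduces the seed (which is what an independent source buys you).
    """
    for t in range(centre - window, centre + window + 1):
        if mix_entropy(known_hw, clock_bytes(t)) == target_seed:
            return t
    return None


if __name__ == "__main__":
    when = 949_524_181  # constructed timestamp (early Feb 2000), seconds since epoch

    seed = weak_seed(COMPROMISED_HW, when)
    # Attacker's clock guess is 7 s off; a one-minute window is plenty.
    print("weak seed, clock recovered at:",
          brute_force_clock(seed, COMPROMISED_HW, when + 7, 60))

    seed = robust_seed(COMPROMISED_HW, when)
    print("robust seed, clock recovered at:",
          brute_force_clock(seed, COMPROMISED_HW, when + 7, 60))
```

The first search succeeds in at most 121 hashes because the clock was the only input the attacker did not already know; the second fails because the OS pool contributes 32 bytes the attacker cannot enumerate. Length-prefixing in mix_entropy matters in practice: without it, concatenating variable-length inputs lets two different source combinations hash to the same seed.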