[117650] in Cypherpunks
Re: Build a better OTP?
daemon@ATHENA.MIT.EDU (Anonymous)
Wed Sep 8 01:17:24 1999
Date: Wed, 8 Sep 1999 07:01:40 +0200 (CEST)
Message-Id: <199909080501.HAA05071@mail.replay.com>
From: Anonymous <nobody@replay.com>
To: cypherpunks@cyberpass.net
Reply-To: Anonymous <nobody@replay.com>
> Intel is probably responding to the vast market for MS stuff by
> developing/hyping this first.
Yes, of course. Please take some time to explain this to our slower
readers.
> But, the only reasons for not releasing the spec to the bazaar (to get free
> drivers) is either to allow
> yourself change (but then why publish a MS API?) or you're hiding something
> (But I'm trying to give them the benefit of the doubt here).
Right, they want to be able to change the hardware interface.
Publishing a MS API does not interfere with this, because they can change
the interface without changing the API. This is standard software
engineering practice. They could publish a Linux binary API too,
except that predictable response (as we have seen here) is that there
is absolutely no interest in such from the Linux community.
> Strange. Its not like, in a year, someone in the right
> lab couldn't have reverse engineered a sample bought at Fry's...
> (including recovering a behavioral model from the masks)
It's much simpler just to reverse engineer the driver, so that people
can see the raw data. The driver should start to appear in security
products within the next few months.
Another writer commented:
> Fer chrissake, I thought that Intel was selling *hardware*, not
> operating systems -- this shouldn't be a "Windows vs. Linux"
> issue at all! (For instance, neither of these operating systems
> are likely to be used in embedded crypto applications, where a
> hardware RNG would be invaluable.)
Right, it's not; it's a binary-API issue. The Linux community will not
accept a binary API. They want to see source. Intel has reasons not to
want to release source, one of which is, as the earlier writer explained,
the flexibility to change the internal interface. Thus, an impasse,
so far.
Soon, the interface will be reverse engineered, and then it will be moot.
Intel may choose to release a Linux driver by then, or perhaps afterwards,
or maybe they'll just keep mum and let people use the reverse engineered
version.
Regardless, the interface spec will be available before too long.
All this fuss will be forgotten. The bottom line is that this chip
supplies all the randomness needed for cryptographic applications, with
much more security and efficiency than has ever been available before.
It is a significant improvement in security technology. If it finally
puts an end to the hare-brained discussion on cypherpunks of homebrew
RNGs, it will be worth it just for that.