|
|
|
|
|
|
by NateLawson
1540 days ago
|
|
|
You need to get access to the raw entropy stream in order to characterize it and test it under a number of different situations. At Cryptography Research, we did a number of reviews of hardware entropy sources. You have to look into behavior during very early startup (power on reset), suspend/resume from low power states, under high heat and thermal shutdown, as well as stable operation. You look at different samples of chips to look for production variation. You build software models that try to simulate the underlying hardware behavior to see how close they get to predicting outputs (which is a bad thing if it works too well!) You then review how the system processes this entropy since ideas that look good to hardware engineers (like a string filter) are actually really bad for entropy. You analyze the path for side channels or race conditions that could leak raw entropy across process boundaries. Anyway, here are the reports: https://www.rambus.com/wp-content/uploads/2015/08/IntelRNG.p... (1999) https://www.rambus.com/wp-content/uploads/2015/08/VIA_rng.pd... (2003) https://web.archive.org/web/20141230024150/http://www.crypto... (2012) |
|
|