Re: How can you verify the randomness that's coming from a hardware?
Are you seriously suggesting that Intel chips have a zero chance to include a backdoor?
Because I've got a newsflash for you: https://fossbytes.com/intel-processor-backdoor-management-engine/
ok in no way am I an expert on computer cpu architecture but that article is from 2016. 8 years ago. maybe things have changed since then. with new cpus that intel put out. at this point we are talking about 8+ year old cpus. maybe it's time to upgrade if someone has concerns about the safety of their computing platform.
Quote
As well as: https://meltdownattack.com/
Intel did not disclose their knowledge of these vulnerabilities with the public and / or release fixes, until security researchers discovered them. There is no way of knowing for sure if or who they shared these vulnerabilities with or if they're even built-in by design.
Well, I think that's kind of an esoteric vulnerability given that even on the webpage, it admits "they don't know".Intel did not disclose their knowledge of these vulnerabilities with the public and / or release fixes, until security researchers discovered them. There is no way of knowing for sure if or who they shared these vulnerabilities with or if they're even built-in by design.
Has Meltdown or Spectre been abused in the wild?
We don't know.
As well, I'm not sure intel deserves to have their balls busted big time of something that old that long ago.
Quote
But I wouldn't put too much trust in Intel chips when it comes to having really good hardware entropy.
https://www.macrumors.com/2018/02/22/intel-government-meltdown-spectre-disclosure/
I don't see what that situation has anything to do with the RDRAND and RDSEED features in their cpus though. In general I think Intel is a competent company with high quality cpus. That's why they have stayed the king for ever since PCs became a thing. Oh and before we bash them too much, they did get into making bitcoin miners too.https://www.macrumors.com/2018/02/22/intel-government-meltdown-spectre-disclosure/
Quote
Keep in mind it's not just about backdoors; RNGs can also simply be implemented badly, which would be hard to test / identify.
Intel has provided documentation about how their RDRAND and RDSEED work. Believe it or not. Trust it or not. But they provided the docs.Quote from: dkbit98
Even if we disregard that, bottom line is that this is not giving true random results.
Well I don't know how you come to that conclusion but the only way I would believe it is if I seen it with my own eyes. I'd like to test RDSEED out and see what it can do. But in the mean time, feel free to share a 10 MB file of output from it so it can be statistically analyzed. Then we have something to talk about. 