
VIA's "Nehemiah" core C3 CPUs had hardware random number generation, as well as hardware AES assist, way back in 2003. (And, of course, VIA's "PadLock" instructions and Intel's RdRand instruction + AES-NI instructions are totally different. Hooray for continued x86 instruction set fragmentation!)

Edit: It just occurred to me that you're probably referring to the implementation, not the existence of a hardware RNG in x86. Doh!


Yeah, IIRC VIA is using the same ring oscillator style that Intel used to use. This article is about a new, lower-power RNG design.
marshray
The idea that a hardware RNG would ever need to consume a noticeable amount of power on a 20W CPU seems strange to me. Lots of low power chips have them. A quick search returns a paper titled "A 2.92μW Hardware Random Number Generator".
Having a look at that paper, the actual rate at which it produces bits is very low - for 2.92μW, they're producing only 500 bits per second.

For an embedded device that might be suitable, but for a consumer or server machine you need a much higher bitrate.

tedunangst
You only need a little "grade-A" random to seed an appropriate high bitrate algorithm from time to time.
marshray
No one has ever broken a properly designed CSPRNG properly seeded with more than 100 or 200 bits of entropy, total.
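Added example (not code from any commenter in this thread) of the pattern the two comments above describe: a NIST SP 800-90A style HMAC_DRBG is instantiated once with 256 bits from a slow hardware source and then produces output at HMAC speed, needing the slow source again only at reseed time. The class and the helper `seed_collection_seconds` are names chosen here; the entropy input is whatever the caller supplies (a real TRNG, or `os.urandom` as a stand-in).

```python
import hashlib
import hmac


class HmacDrbg:
    """HMAC_DRBG over SHA-256 (SP 800-90A), no personalization or additional input."""

    RESEED_INTERVAL = 1 << 20  # generate() calls allowed between reseeds

    def __init__(self, entropy: bytes):
        if len(entropy) < 32:
            raise ValueError("instantiate with at least 256 bits of entropy")
        self.key, self.value = b"\x00" * 32, b"\x01" * 32
        self.reseed_counter = 1
        self._update(entropy)

    def _hmac(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, provided: bytes) -> None:
        # HMAC_DRBG_Update: fold provided data into the (key, value) state
        self.key = self._hmac(self.value + b"\x00" + provided)
        self.value = self._hmac(self.value)
        if provided:
            self.key = self._hmac(self.value + b"\x01" + provided)
            self.value = self._hmac(self.value)

    def reseed(self, entropy: bytes) -> None:
        # "From time to time": mix in a fresh 256-bit slice from the hardware source
        if len(entropy) < 32:
            raise ValueError("reseed with at least 256 bits of entropy")
        self._update(entropy)
        self.reseed_counter = 1

    def generate(self, nbytes: int) -> bytes:
        # High-rate path: one HMAC per 32 output bytes, hardware source not touched
        if self.reseed_counter > self.RESEED_INTERVAL:
            raise RuntimeError("reseed required before more output")
        out = bytearray()
        while len(out) < nbytes:
            self.value = self._hmac(self.value)
            out += self.value
        self._update(b"")
        self.reseed_counter += 1
        return bytes(out[:nbytes])


def seed_collection_seconds(seed_bits: int = 256, source_bps: float = 500.0) -> float:
    # Time a 500 bit/s source (the rate quoted in the thread) needs to deliver one seed
    return seed_bits / source_bps
```

With the 500 bit/s source from the paper mentioned above, a full 256-bit seed takes about half a second to collect, after which `generate()` runs at hash speed until the next reseed.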
