VIA C3 Random Number Generator Reviewed
An anonymous reader writes "VIA has added a hardware
random number generator to its Nehemiah C3 CPU. I found a recent review
of its security. Interesting how it's done at the instruction level as opposed to
the chipset level used by the i810 RNG (also reviewed there)."
Hell, I couldn't even predict what would come next
Oh wait...
In Canada, we don't fancy things like socks
Was just some guy they trained to sit there and yell numbers at them.
Developer: Hey! Gimme a number!!!
Idiot in corner: uh Seven boss!
---- The real Slashdot is still here. You just have to browse at -1 to read the comments.
VIA Launches Seventh Generation 'Nehemiah' CPU Core, the First x86 Processor to Market with Embedded Security Features
Combining an integrated PadLock(TM) Data Encryption Engine with a wealth of enhanced performance features, the new generation VIA C3(TM) provides the lowest power native x86 platform for the fast-growing market of connected PCs and home entertainment centers
Taipei, Taiwan, 22 January 2003 - VIA Technologies, Inc., a leading innovator and developer of silicon chip technologies and PC platform solutions, today announced its new generation VIA C3(TM) processor integrating the 'Nehemiah' core. With its powerful PadLock(TM) Data Encryption Engine, this next generation VIA C3 is the first native x86 processor on the market with embedded security features that enhance the protection of sensitive corporate and personal data.
Available now at a speed of 1GHz, the new processor core is based on an advanced new CoolStream(TM) processor architecture that delivers all the necessary performance for running even the most demanding digital media applications while maintaining ultra low levels of power consumption and heat dissipation.
"The launch of the seventh generation VIA C3 processor extends our leadership in enabling the development of secure, quiet-running small form factor system designs for a rapidly growing number of exciting new lifestyle and productivity applications such as home digital media entertainment and connected computing," commented Paul Hsu, Executive Assistant to the President and Head of VIA's CPU Business Unit. "Integration of embedded security features in the processor provides the most robust and cost-effective solution for addressing the increased demands among individuals, businesses, and government organizations for enhanced authentication and protection of their data in today's connected world."
PadLock(TM) Data Encryption Engine
The PadLock Data Encryption Engine has been integrated into the new generation VIA C3 processor to ensure greater confidentiality, integrity, and authenticity of electronic data either stored in the computer or transmitted over a network or the Internet, and enables a host of powerful new security applications, including heavy-duty data encryption and safer online transactions.
At its heart is an advanced Random Number Generator (RNG) that uses random electrical noise on the chip to securely produce random number values, and features a direct application level interface through a new x86 instruction. Developers can obtain random numbers directly from the hardware without having to use separate software drivers, thereby providing an inherently more secure and efficient solution than combined hardware/software RNG architectures. The RNG includes several operating modes, offering performance from 750K bits per second to as high as 6 million bits per second.
"VIA's incorporation of a hardware random number source on the processor die is exciting for developers, since it provides a simple and effective way of obtaining high quality randomness. This is particularly important for security and cryptography applications, since it is notoriously difficult to generate random numbers of adequate quality without a hardware random number generator," said Paul Kocher, President of Cryptography Research, Inc. and co-inventor of SSL 3.0. "I am enthusiastic about the benefit to applications such as secure web browsing, cryptographic key generation, and protocols where randomness is required."
CoolStream(TM) Architecture
Based on the advanced CoolStream architecture, the new generation VIA C3 processor has a highly efficient design that, when coupled with the VIA Apollo CLE266 chipset, delivers performance increases of up to 20% over the current version of the VIA C3 processor in mainstream productivity applications and up to 73% for 3D graphics applications, while continuing to deliver the same benefits of low power and minimal heat dissipation.
New performanc
OK, I couldn't find the original strip, but here goes from memory:
.. and maybe that holds for your calculator too :-)
accounting troll: this is our random number generator
troll: 9
troll: 9
troll: 9
dilbert: are you sure that's random?
accounting troll: that's the problem with randomness, you really can't be sure.
mats
One man's ceiling is another man's floor.
No. Generally the idea of devices is just to amplify thermal noise. Thermal noise is produced at the microscopic level with atoms bouncing into each other. There's no way to predict that... unless you tap directly into the generator (in which case it's simpler to just get the data on the computer before it's encrypted).
Opus: the Swiss army knife of audio codec
The ideal source for random numbers has always been physical sources, such as the white noise you see on your television screen when tuned to an unused channel. The noise is generated by remnants from the big bang, and is cryptographically unusable (since the numbers are recordable by anyone). But is a good test for statistical algorithms such as evolutionary computation (which depend on random initial states).
The idea of using electrical currents secured on a chip is much sounder - since the noise is locally generated and very difficult to tap. I project that as quantum mechanics become more mainstream, the random quantum effects of electrons will be tapped to generate even sounder and accessible random signals.
Actually, I've heard of some experiment where people were asked to fake a "coin tossing session" and write down the results. Generally, you could tell it's fake because when "generating random numbers" people tend not to repeat sequences.
Opus: the Swiss army knife of audio codec
Isn't it interesting how much importance we place on quote unquote "true" randomness of numbers? We expect (or at least hope that) a computer can generate random numbers time and time again without fail...
But any human being would prove horrible at such a task... In fact, if you ask a human being for 3 random numbers, odds are very good that they will give you at least two sequential ones...such as 7 6 2...or 5 9 8...
I guess that's the point of computers though...if we could all calculate as fast as a computer, process data as fast as a computer, and perform other tasks as fast and as well as a computer, we wouldn't need computers, now would we?
Random number generation is an interesting topic though because it is often seen as a fault of computers... People claim that computers are "incapable" of generating random numbers. So are human beings... I can understand a computer not being able to store a floating point number with a hundred digits after the decimal point being considered a fault, because FEASIBLY a human being COULD perform the operations and have the value exact out to a hundred decimal places. But with random numbers...a human couldn't do it even remotely as well as a computer can, so why is it considered such a weakness of computers? Maybe the power of computers to break their own codes because numbers aren't truly random is the reason they are sought after in the first place.
would be to use radioactive decay to generate random numbers. Very easy to implement using existing technology, one of the few things that is completely random, and it's infinitely scalable to boot. A system I envision would simply monitor a radioactive sample for 1000 milli or micro seconds. Every sample time, it would record the number of fission events and if even, turn a bit on, if odd, turn the bit off. Then within the space of a second you have a 1000 bit-long number that is COMPLETELY random.
With this system perhaps it's possible to emulate the electric fields that generate the random number. Admittedly, with any complexity at all (as in a chip) this becomes impractical to do, but hey, why go for almost random when you can have truly random?
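An added illustration, not part of the comment above: a small simulation of the even/odd counting rule, showing how the balance of the output bit depends on the average number of events per sample window, and how von Neumann debiasing evens it out. It assumes decay events follow a Poisson process; the mean counts and the seed are constructed values.

```python
import math
import random

def p_even(mean_events):
    """P(count is even) for a Poisson count with the given mean per window."""
    return (1 + math.exp(-2 * mean_events)) / 2

def entropy_per_bit(p):
    """Shannon entropy (bits) of one bit that is 1 with probability p."""
    if p in (0.0, 1.0):
        return 0.0
    return -(p * math.log2(p) + (1 - p) * math.log2(1 - p))

def poisson(rng, mean):
    """Knuth's method: count uniform draws until their product reaches e^-mean."""
    limit, k, prod = math.exp(-mean), 0, 1.0
    while True:
        prod *= rng.random()
        if prod <= limit:
            return k
        k += 1

def parity_bits(rng, mean, n):
    """The comment's rule: bit on for an even count, off for an odd count."""
    return [1 if poisson(rng, mean) % 2 == 0 else 0 for _ in range(n)]

def von_neumann(bits):
    """Debias independent bits: 01 -> 0, 10 -> 1, 00 and 11 are discarded."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

if __name__ == "__main__":
    rng = random.Random(2003)  # seeded PRNG, for the simulation only
    for mean in (0.1, 1.0, 10.0):  # constructed mean events per window
        bits = parity_bits(rng, mean, 20000)
        fixed = von_neumann(bits)
        print(f"mean={mean:5.1f}  P(bit=1) theory={p_even(mean):.4f} "
              f"observed={sum(bits) / len(bits):.4f}  "
              f"entropy/bit={entropy_per_bit(p_even(mean)):.3f}  "
              f"after debias: {len(fixed)} bits, "
              f"ones={sum(fixed) / max(len(fixed), 1):.3f}")
```

With few events per window the bit is mostly "on" (a count of zero is even), so the window length has to be chosen against the sample's activity, or the output debiased at the cost of throughput.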
Man, you know you're hardcore when you get excited about a built in random number generator.
Sample convo after purchase:
[girlfriend] Honey, what is that?
[you] (with great awe) The Vee-Eye-Aye Nehemiah C3 CPU with-
[girlfriend] How much did that cost?
[you] Wait, lemme finish-
[girlfriend] Rent. Where is it.
[you] But it has a-
[girlfriend] You are not going to tell me that you spent our next month's rent on that *censored* piece of plastic.
[you] (correcting happily) Silicone!
You stare off. Slowly, you speak.
[you] But it has a...random..number...generator. For strong...uh...crypto. You know, cryptography? Big numbers? Random?
*the sound of footsteps trail away from you*
[you] Honey?
Despite my best efforts at randomly naming folders and subfolders, and randomly placing permissions on them, and then randomly naming the files without any type of extension on them, my girlfriend is able to quickly locate and identify my porn - even though she barely knows how to operate a computer in general, let alone Linux. She is a natural at breaking encryption.
* Freewheeling means that these oscillators are not tied to a crystal, and the frequency they oscillate at is not precisely locked at any exact rate (as would be the case if it employed a crystal.) These minute variations in frequency are the source of entropy the chip designers are actually gathering.
The sampled bits are then "whitened" to reduce biases, and the whitened bits are stored in a FIFO queue until used.
The paper in the article explains all this, and it talks about a couple of other cool cryptogeek features. You can change the bias voltage via CPU instruction (which would affect the jitter,) but each request of "randomness" comes with a pedigree indicating what bias settings were used! Finally, Cryptography Research's testing showed that they believe the chip (with whitening enabled) is capable of generating bits with an entropy of 0.99 bits/output bit, although they recommend trusting only a conservative entropy factor of about 0.75 bits/output bit. And since it generates bits at a rate of 30-50 million bits per second, most applications can probably afford to throw away a few in the name of entropy.
John
I remember when Cyrix had its 100MHz CPUs with huge fans and everybody tweaked them to 133MHz, every long-term calculation on that involving FPU would give random numbers as the result... ;-)
So, where is the novelty?
iThink iHate iMod
You know, when you're able to use quote marks (" for example) in a written medium, you really don't need to spell out quote unquote as well. It really just doesn't make any sense - we can see the quote marks you used, spelling that idiom out doesn't add anything. People sometimes say "quote unquote" because you can't see the quote marks in their speech. Even this practice is ill-advised as it makes one sound like a drooling marketdroid (e.g. "At the end of the day, we need to quote unquote actualize profits by exceeding expenses with net income in order to meet quote-unquote business objective. Take an action quote-unquote item").
This is the most bizarre thing I've seen all day. Please don't do it again. Thank you.
XML causes global warming.
Actually, the random number generator is the math coprocessor. And they are not even the first to think about this: such techniques were pioneered by Intel in the first Pentiums
Is this a troll? Nevertheless, it is stupid, for a few reasons: 1) The Mersenne Twister is not cryptographically secure. 2) Even if it were, it would still need to be seeded with entropy, such as the kind provided by the VIA generator. 3) There's a big difference between entropy and pseudo-random numbers, anyway. 4) Entropy is crucial in many security-related applications. Of course, given sufficient entropy, you can stretch it out with a good cryptographic PRNG.
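An added example, not part of any comment in this thread: it ties together the conservative 0.75 bits/output bit figure quoted from the Cryptography Research review and the point above about stretching entropy with a cryptographic PRNG. Raw output is over-collected, compressed with SHA-256 into a seed, and expanded by a generator that follows the HMAC_DRBG steps of NIST SP 800-90A; the function and class names are hypothetical, and `os.urandom` only stands in for the hardware source.

```python
import hashlib
import hmac
import math

def raw_bits_needed(target_bits, entropy_per_bit=0.75):
    """Raw RNG bits to collect so the credited entropy reaches target_bits."""
    return math.ceil(target_bits / entropy_per_bit)

def condition(raw, target_bits=256, entropy_per_bit=0.75):
    """Compress over-collected raw output into a 256-bit seed with SHA-256."""
    if len(raw) * 8 < raw_bits_needed(target_bits, entropy_per_bit):
        raise ValueError("not enough raw output for the credited entropy")
    return hashlib.sha256(raw).digest()

class HmacStretcher:
    """HMAC-SHA256 generator following the HMAC_DRBG update/generate steps
    of NIST SP 800-90A, without reseed counters or personalization."""

    def __init__(self, seed):
        self.key = b"\x00" * 32
        self.val = b"\x01" * 32
        self._update(seed)

    def _mac(self, data):
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, data=b""):
        self.key = self._mac(self.val + b"\x00" + data)
        self.val = self._mac(self.val)
        if data:
            self.key = self._mac(self.val + b"\x01" + data)
            self.val = self._mac(self.val)

    def generate(self, n):
        out = b""
        while len(out) < n:
            self.val = self._mac(self.val)
            out += self.val
        self._update()  # advance state so past output cannot be recomputed
        return out[:n]

if __name__ == "__main__":
    import os
    # Stand-in for hardware RNG output; os.urandom is NOT the VIA instruction.
    raw = os.urandom(raw_bits_needed(256) // 8 + 1)
    drbg = HmacStretcher(condition(raw))
    print(raw_bits_needed(256), drbg.generate(48).hex())
```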
The Beatle random number generator:
number 9
number 9
number 9
The monty python random number generator:
6, no 8...AAAAaaahhhhhhh
the ask a person to guess a number between 1-10 random number generator
7
3
the Slashdot random number generator
3.14, 1701, 2001, 69, 1337
The Microsoft Random number generator
7,7,7,7 yes it's random, says so in the eula
the pepsi random number generator:
1
the buffy random number generator:
"you dare insult buffy? you are stupid AND you suck." wait, that was the "angry buffy fan response to a minor critique of the show generator"... my bad.
The Kruger Dunning explains most post on
I remember going to the university science library when I was 14 to try to find out how to write a program to generate random numbers...found a big yellow book about pseudo-random number generators and thought, no, I want a real random number generator...of course I opened the book and discovered that it is impossible inside a deterministic system...you have to stick an antenna into an external universe...then I thought where the fuck did the universe get noise? Why isn't the universe one big symmetric crystal?
Now I sit here looking at a 2 billion year-old hypernova and no one here can answer this question (There are at least 5 cosmologists within spitting distance of me right now)...