Wednesday, September 18, 2013

Intel KNEW for NSA trap function in RNG earlier than anyone else !

How Intel could know and nobody else? Intel actually has mobile division in Israel that manages security issues. Look at the date of  Composer XE 2013 Update 1 murky named as composer_xe_2013.1.117: 01.17.2013 ! That is 9 months earlier than NIST have published its RDRAND intristic as INSECURE.
99% BAD HARDWARE WEEK: Any strong encryption is based on RNG !. 13.6.2013 we find the following reference to Broadwell:
The difference between rdseed and rdrand intrinsics is that rdseed intrinsics meet the NIST
SP 800-90B and NIST SP 800-90C standards, while the rdrand meets the NIST SP 800-90A
extern unsigned char _addcarry_u32(unsigned char c_in, unsigned int
src1, unsigned int src2, unsigned int *sum_out);
extern unsigned char _addcarry_u64(unsigned char c_in, unsigned
__int64 src1, unsigned __int64 src2, unsigned __int64 *sum_out);
The intrinsic computes the sum of two 32/64 bit wide integer values (src1, src2) and a carryin value. The carry-in value is considered 1 for any non-zero c_in input value or 0 otherwise.
The sum is stored to a memory location referenced by sum_out argument:
*sum_out = src1 + src2 + (c_in !=0 ? 1 : 0)
The intrinsic does not perform validness check of a memory address pointed by sum_out thus
it cannot be used to find out if a sum produces carry-out without storing result of the sum. The
return value of the intrinsic is a carry-out value generated by sum. The sum result is stored into
memory location pointed by sum_out argument.
Thus, Intel is not anymore alone INSIDE !

Comments: Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?