Boffin: Dump hardware number generators for encryption and instead look within


Hardware-based random number generators (HWRNGs) for encryption could be superseded after a Philippines-based researcher found that side-channel measurement of the timing of CPU operations provide enough entropy to seed crypto systems with the necessary randomness.

In a paper presented on Saturday at the International Conference on Innovative Research in Science, Technology and Management (ICIRSTM) in Singapore, JV Roig, consulting director and software developer at Asia Pacific College (APC) in the Philippines, says that HWRNGs represent a natural target for subversion by national intelligence agencies due to their black-box nature.

Read more…
Source: The Register