An Intel hardware based digital random number technology could mitigate recent RSA security flaw

Mathematicians from Europe and the United States are reporting a flaw in the RSA encryption method that apparently hinges on crypto keys being created with insufficient randomness. You can read more about this story in a NY Times article by John Markoff entitled, “Flaw Found in an Online Encryption Method” and in an IEEE article by Sam Moore entitled, “RSA Flaw Found”. The researchers submitted their work for publication at a cryptography conference to be held this coming August, but decided to make their research known last Tuesday because they think the issue is an immediate concern to the crypto community and web server operators. A smallish number (27,000) of cases of flawed crypto keys was discovered out of seven or so million crypto keys tested.

The central issue in the flaw is that secret prime numbers generated to create the crypto keys must be generated randomly. The findings indicate that in some cases the prime numbers were not generated in a random enough way, which lead to crypto keys having prime factors in common.

According to Intel’s Greg Taylor, and George Cox (see Behind Intel's New Random-Number Generator), researchers have managed to devise pseudo, random-number generators that are considered cryptographically secure. But you must still start them off using a special seed value; otherwise, they'll always generate the same list of numbers. And for that seed, you really want something that's impossible to predict.

Enter Intel’s digital random number technology, code named Bull Mountain. Bull Mountain is a hardware based digital random number generator which will be released this year when the processor, code named “Ivy Bridge” is launched. Bull Mountain allows digital random numbers to be generated at near clock cycle speeds and with a very high degree of randomness or “entropy” as the crypto folks say it. Using such highly random seeds in the cryptographically secure pseudo random-number generators could help allay the concerns raised by this new research into the RSA flaws.

For more information, you can download the Intel® Bull Mountain Software Implementation Guide and code samples here.

Para obter informações mais completas sobre otimizações do compilador, consulte nosso aviso de otimização.