Other Directory Sites: SeekWonder | Directory Owners Forum
The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:23
Vin McLellan (vin@shore.net)
Tue, 27 Apr 1999 14:12:38 -0400
Intel's new 810 chipset, announced yesterday, is first to offer
Intel's chip-based RNG, which is described as the first of a series of new
cryptographic functions which will be available in Intel's future chipsets
and microprocessor. From the Product Overview of the 810 chipset:
>The 82802 Firmware Hub (FWH) stores system BIOS and video BIOS,
>eliminating a redundant nonvolatile memory component. In addition, the
>82802 contains a hardware Random Number Generator (RNG). The Intel® >RNG
provides truly random numbers to enable fundamental security >building
blocks supporting stronger encryption, digital signing, and >security
protocols.
See: <http://developer.intel.com/design/chipsets/810/index.htm>
On the same day, Intel and RSADSI also announced that RSA's BSAFE
Crypto-C and Crypto-J development toolkits have been enhanced to allow them
to access the RNG on the new Intel chips to obtain a "random seed," a
small number of unpredicable, high enthropy bits used to create
cryptographic keys and to support other crypto functions.
Sez RSA, at www.rsa.com:
>> In a few milliseconds, the Intel RNG can produce the random seeds that
>>Crypto-C or Crypto-J will use to generate all the keys and challenges
>>needed by an application. This is intended to be a much faster, more
>>convenient and secure method than software-based seeding mechanisms
>>which may require user input via the mouse or keyboard.
Last January, Intel purchased broad access to RSA cryptosystems,
RSA-branded code modules, and RSA Labs' consulting services. The
announcement of the Intel RNG and the enhanced BSAFE kits is said to be
only the first in a series of interlocking systems which will unveiled in
future Intel annoucements. Intel has earlier said that it will freely
distribute RSA's BSAFE Crypto-C software development kit to all registered
Intel developers.
Intel has also arranged for RSA crypto engineers to help support
third party developers who will be creating new security apps, or adding new
cryptographic functions to older applications, and want to take advantage of
the new functionality planned for the Intel chipsets.
>> The Intel hardware-based Random Number Generator harnesses system
>>thermal noise to generate truly random and indeterministic values. The
>>generator is free running, accumulating random bits of data in a 32-bit
>>buffer which are then accessed by RSA's Crypto-C or Crypto-J software
>>through the Intel Security Driver.
RSA BSAFE Crypto-C software employs the BSAFE Hardware API (BHAPI)
to provide an interface to the Intel hardware. For Crypto-C modules, see:
<http://www.rsa.com/rsa/products/cryptoc/index.html>
The Crypto-J product uses the Java Native Interface (JNI) to call a
library that interfaces with the Intel hardware. For Crypto-J features,
see: <http://www.rsa.com/rsa/products/cryptoj/specs.html>
BSAFE toolkits, as most of the Listocracy here will know, include
RSA-branded code modules for the most widely used cryptosystems, including
DES, 3DES, RC2, RC4, RC5, MD4/5, SHA-1, RSAPKC, DSA, and Diffie-Hellman
-- as well as Elliptic Curve Cryptography (ECC). BSAFE modules support
digital signatures and X509 certificates; are designed around RSA's own PKCS
series of de-facto industry standards. They are, of course, fully
compatable with SSL, SET, IPsec, and S/MIME.
Hope this doesn't sound like a pitch. It seemed to be information
that developers would want to know ASAP. I am, however, a consultant to
SDTI, RSA's parent company.
Suerte,
_Vin
--------
"Cryptography is like literacy in the Dark Ages. Infinitely potent,
for good and ill... yet basically an intellectual construct, an idea,
which by its nature will resist efforts to restrict it to bureaucrats
and others who deem only themselves worthy of such Privilege."
_A Thinking Man's Creed for Crypto _vbm
* Vin McLellan + The Privacy Guild + <vin@shore.net> *
53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
The following archive was created by hippie-mail 7.98617-22 on Thu May 27 1999 - 23:44:23