“We cannot trust” Intel and Via’s chip-based crypto, FreeBSD developers say

http://arstechnica.com/security/201...ias-chip-based-crypto-freebsd-developers-say/

http://www.theregister.co.uk/2013/12/09/freebsd_abandoning_hardware_randomness/

https://wiki.freebsd.org/201309DevSummit/Security
http://www.freebsd.org/news/status/report-2013-09-devsummit.html#Security

 

"We trust cmp but we don't trust RDRAND" - idiots.

 

Would it make sense to ignore the possibility that the RDRAND instruction and random number generator are rigged, using "but other instructions/circuitry... MOV and CMP... could be rigged too!" as justification? I don't think so.

 

If you think intel is backdooring their system you don't just blacklist a single instruction. If your hardware is backdoored on that level you have way bigger problems - this is no solution at all but to stop trusting it entirely.

 

An all or nothing mentality like that sounds reasonable and arguably would be *if* we knew that the chips in question *are* rigged. Unfortunately, we don't know whether they are or are not, and we may never know. That "you have way bigger problems" is actually a jump/assumption. One of the "yes, they are rigged" possibilities that we can't throw out the window is that it is just RDRAND that is rigged. Another possibility would be that there is other/additional rigging but addressing RDRAND still provides some protection in at least some scenarios. IOW, addressing the RDRAND threat scenario may in fact be of benefit!

I think this is a "we've identified a specific thing of obvious, logical concern... there are relatively easy ways to address it... addressing it would be of benefit if certain scenarios are true... wouldn't solve all possible problem scenarios though" type situation. A "do we take a practical, conservative step to protect ourselves against a possibility even though it may not actually occur or be the only possibility that bites us" question. A rather common question in engineering I would say, and certainly one that comes up in privacy/security contexts all the time. In general, and in this context, I would ask: Is there a better argument against such a step than "it won't protect against all possible threat scenarios"?

 

RDRAND is considered insecure for no other reason than a lack of trust in intel. Intel is the threat vector, not RDRAND, by their own decree. Therefor their response is nonsense.