
Many modern systems have hardware RNGs, but they may also be using stored seeds.


Yep, there's a stored seed (/etc/random.seed) that gets added to the mix at boot.


> Many

^[which?] ^[citation needed]


On desktops, Intel Ivy Bridge and newer and everything AMD since June 2015.

On mobile, most mobile SoCs include security stuff; Qualcomm seems to have had them since at least the Snapdragon 805. See here for the addition of the RNG to the Linux kernel in 2013: https://lwn.net/Articles/570158/

Even common embedded SoCs like those used in the ESP8266 include hardware RNGs.

Really, there's no excuse for not using it as at least one factor. If you're concerned about possible backdoors, xor it with your own CSPRNG in software like the Linux kernel does.
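The XOR combination suggested in the comment above, sketched as an added example that is not part of the thread and is not the Linux kernel's code. The `rng_source` callback type, the function names and the constant-output stand-in sources are assumptions made for illustration; a real hardware source (for instance an RDRAND wrapper) would be passed where `hw_stuck` is used.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>

/* A source fills buf with len bytes and returns 0, or returns -1 on failure. */
typedef int (*rng_source)(uint8_t *buf, size_t len);

/* OS CSPRNG via getrandom(2) on Linux; retries short reads and EINTR. */
int os_csprng(uint8_t *buf, size_t len) {
    size_t off = 0;
    while (off < len) {
        ssize_t n = getrandom(buf + off, len - off, 0);
        if (n < 0 && errno == EINTR) continue;
        if (n < 0) return -1;
        off += (size_t)n;
    }
    return 0;
}

/* Constructed stand-ins: a stuck hardware RNG, a failing one, and a
 * fixed-output software source used only to make the XOR visible. */
int hw_stuck(uint8_t *buf, size_t len)  { memset(buf, 0xAA, len); return 0; }
int hw_broken(uint8_t *buf, size_t len) { (void)buf; (void)len; return -1; }
int sw_fixed(uint8_t *buf, size_t len)  { memset(buf, 0x55, len); return 0; }

/* out = sw XOR hw. The software CSPRNG is mandatory; the hardware source is
 * only ever mixed in, never used alone. Returns 1 if hardware bytes covered
 * the whole buffer, 0 if the output is software-only (fully or in part),
 * -1 if the software source failed (out is zeroed; do not use it). */
int mixed_random(uint8_t *out, size_t len, rng_source sw, rng_source hw) {
    uint8_t tmp[64];
    int mixed = (hw != NULL);
    if (sw == NULL || sw(out, len) != 0) { memset(out, 0, len); return -1; }
    for (size_t off = 0; mixed && off < len; off += sizeof tmp) {
        size_t n = len - off < sizeof tmp ? len - off : sizeof tmp;
        if (hw(tmp, n) != 0) { mixed = 0; break; }
        for (size_t i = 0; i < n; i++) out[off + i] ^= tmp[i];
    }
    return mixed;
}

int main(void) {
    uint8_t key[32];
    int rc = mixed_random(key, sizeof key, os_csprng, hw_stuck);
    for (size_t i = 0; rc >= 0 && i < sizeof key; i++) printf("%02x", key[i]);
    printf("\n(rc=%d)\n", rc);
    return rc < 0;
}
```

With `os_csprng` as the software source, a stuck or failed hardware source leaves the output as unpredictable as the CSPRNG alone. That argument assumes the hardware output is independent of the software output.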


TPM has one too.


Recent AMD and Intel systems with AES-NI provide a hardware RNG. Although as far as I was aware this is not used on OpenBSD for fear of hardware backdoors.


See https://en.wikipedia.org/wiki/RdRand and (same page) https://en.wikipedia.org/wiki/RdRand#Reception for info on concerns about backdoors.



