User manual VIA C5P WHITE PAPER
Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... DON'T FORGET : ALWAYS READ THE USER GUIDE BEFORE BUYING !!!
If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Lastmanuals provides you a fast and easy access to the user manual VIA C5P. We hope that this VIA C5P user guide will be useful to you.
Lastmanuals help download the user guide VIA C5P.
Manual abstract: user guide VIA C5PWHITE PAPER
Detailed instructions for use are in the User's Guide.
[. . . ] VIA C5P Security Application Note
Version 0. 98
This is Version 0. 98 of the VIA C5P Security Application Note.
© 2003 VIA Technologies, Inc. All Rights Reserved.
VIA Technologies and Centaur Technology reserve the right to make changes in its products without notice in order to improve design or performance characteristics. This publication neither states nor implies any representations or warranties of any kind, including but not limited to any implied warranty of merchantability or fitness for a particular purpose. No license, express or implied, to any intellectual property rights is granted by this document. [. . . ] The primary reasons for using a hybrid approach (as opposed to a pure hardware-based or pure entropy based approach) are (1) the historically slow speed of entropy and hardware generators, and (2) the lack of perfect randomness in the hardware or entropy generators. While the VIA C3 Nehemiah processor RNG provides
16 17
(In choosing an example, I couldn't resist this name. ) See Menezes et. 186 FIPS 180-1, Secure Hash Standards, U. S. Department of Commerce/NIST, 1995
VIA C5P Security Application Note - 14
both high performance and high quality output, users may choose to use it in conjunction with software based algorithms. Physical Sources In terms of randomness characteristics, entropy generators based on physical phenomena fall in between software generators and quantum based hardware generators. The idea here is to sample some random(?) physical process and assume the samples are truly random. Unfortunately, computers and software tend to be very predictable, so designers must be very careful to ensure that they collect good entropy. For example, a widely used PC encryption program derives its keys from several seconds of mouse movements and keystroke timing (directed by the program). The Linux operating system has random number generators (/dev/random and /dev/urandom) that use entropy generated by the keyboard, mouse, interrupts, and disk drive behavior as the seed. Microsoft's CryptGenRandom function (part of the Microsoft CryptoAPI) is similar. It uses, for instance, mouse or keyboard timing input, that are then added to both the stored seed and various system data and user data such as the process ID and thread ID, the system clock, the system time, the system counter, memory status, free disk clusters, the hashed user environment block, as the seed. Many other similar environmental sources of randomness have been tried. While these physical activities may look random, their randomness cannot be proven, and they run the risk of generating poor entropy (or no entropy) if the sampled physical activity is dormant or repetitive. There are several potential security vulnerabilities when using such physical activities. For example, in networked applications such as browsers, the application traffic between a client and server effectively publishes the locations and sequence of the client's mouse-events. Similarly, users may enable "snap-to" options that center the mouse pointer in the center of the button to be pressed and make the click locations predictable. As a result, the entropy from mouse movements in these environments could be far less than an RNG designer expected. Similarly, asking the user to create entropy using the keyboard creates bias since humans tend to follow certain patterns in typing (such as a tendency to use the center of the keyboard). In summary, it is dangerous to use the entropy values directly as random numbers. Instead, the entropy values are usually used as the seed to a good hash algorithm to produce the final random numbers. (In the Microsoft CryptoAPI and Linux examples, a SHA-1 algorithm is applied to the entropy seeds). Other common problems with entropy generators on computers are that they require hooks in the operating system, they are difficult to test, they often require some user involvement, and they are slow (since they are based on macro physical events). [. . . ] They may also request (please refer to the Programmers Guide for contact information) a copy of our test package. Centaur Technology has learned that OpenBSD (version 3. 4) has incorporated the ACE in it's kernel cryptographic services.
VIA C5P Security Application Note - 26
CHAPTER
CENTAUR SECURITY ROADMAP
In addition to our presence on the desktop, VIA processors are used in a growing number of embedded products. In particular, within the networking infrastructure, where many products aggregate connections to support SSH, SSL, IPSEC, etc. , there is a current need for fast cryptographic processing. VIA has built, and plans to continue building, devices that meet these existing pent-up needs. [. . . ]
DISCLAIMER TO DOWNLOAD THE USER GUIDE VIA C5P Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... In any way can't Lastmanuals be held responsible if the document you are looking for is not available, incomplete, in a different language than yours, or if the model or language do not match the description. Lastmanuals, for instance, does not offer a translation service. Click on "Download the user manual" at the end of this Contract if you accept its terms, the downloading of the manual VIA C5P will begin.