By updating its BSAFE Crypto-C and Crypto-J development tools to take advantage of the Random Number Generator (RNG) features in Intel Corp’s 810 chipset, RSA Data Security Inc has followed through on promises it made in January 1999 (CI No 3,578). Software developers can now directly call on Intel hardware to generate random strings which are useful for generating cryptographic keys, explains Tim Matthews, director of product marketing for RSA. Intel uses thermal noise inside the chips to generate a sequence of randomness. Generally speaking, it’s been known for some time that hardware generation is more random than software methods.
The numbers generated by software methods are usually described as pseudorandom, and are not as secure as truly random cryptographic keys. You would have to collect a large initial pool of bits, Matthews observes, obviously, that’s not as appealing to developers. RSA’s effort is not wholly altruistic: Intel has promised to distribute Crypto-C and Crypto-J to the members of its own developer community, so that they can take advantage of the RNG. That could mean hundreds more developers for RSA, Matthews reveals.
