94020401.HTM

Path: cactus.org!milano!cs.utexas.edu!sdd.hp.com!mips!mips!munnari.oz.au!comp.
+     vuw.ac.nz!waikato.ac.nz!aukuni.ac.nz!cs18.cs.aukuni.ac.nz!pgut1
Newsgroups: sci.crypt

Subject: Re: IBM-PC random generator, source included
Message-ID: <1992Jul1.073405.906@cs.aukuni.ac.nz>
From: pgut1@cs.aukuni.ac.nz (Peter Gutmann)
Date: Wed, 1 Jul 1992 07:34:05 GMT
Sender: pgut1@cs.aukuni.ac.nz (PeterClaus          Gutmann        )
Organization: Computer Science Dept. University of Auckland
Keywords: MD5, hashing, CRC
Lines: 36

Attempt #2 - looks like the previous posting of this never made it out...
			    -----------------

In message <1992Jun23.080147.15804@cactus.org>, death rays from Mars made
     Terry Ritter (ritter@cactus.org) write:

>Note that the claim of "two" oscillator crystals is limited to AT+ designs.
>In the original IBM PC, a single 14.318 MHz crystal was divided to provide
>clock to both the CPU and the timer.

There is a solution to this.  Every PC contains not one or two, but probably a
dozen or more oscillators.  There are one or two on the motherboard, maybe one
or two on the FDC (unless it's an IDE paddle card or something), one or two on
serial I/O cards, several on video cards, etc etc.  For example, the 6845 CRTC
makes the status of the hsync signal and the video bit stream available at port
0x3BA.  The hsync signal would change around 50-60 x 300-800 times a second
(depending on video modes etc), but would have a strange duty cycle (and I
don't know what it would do during a vertical retrace).  The video bitstream
would also be somewhat random, especially when sampled at random times.  You
could mix these in to Nico's generator to obtain slightly more randomness,
though the video bitstream may not be too worthwhile in the case of, for
example, a blank screen.  Hmm..my collection of Motorola data sheets skips from
6843 to 6850 so I can't check this, but there is other information available
from the 6845 which may be usefully random(ish).  I wonder if there are any
clock-like signals you can grab off an FDC or I/O card?  Doesn't the RTC have a
100 ths-of-a-second clock?  If you've got a bus mouse you can use it's 30 Hz
interrupt (which is generated by a non-motherboard clock) as well....

Something to think about:  Is it safe to rely on any of this "randomness" under
OS/2 which virtualizes the hardware?

Peter.
--
    pgut1@cs.aukuni.ac.nz || peterg@kcbbs.gen.nz || peter@nacjack.gen.nz
			       (In order of preference)