Random Number Generators - high precision - AMD and Intel alike - we need a fix sooner than later
by Andy Flagg, Publication Date: Wednesday, October 30, 2019
View Count: 1374, Keywords: AMD, Intel, RDRAND, Random Number Generation, Failure at 0 Level, Hashtags: #AMD #Intel #RDRAND #RandomNumberGeneration #Failureat0Level
it comes with no surprise that we are seeing random number generator problems on CPU platforms as of late.
With AMD and Intel head to head in competition, this one smacks both of them in the face. This article describes the problem in detail and how one like me programs around this problem at the application layer whereas most rely on the hardware to do the trick.
excerpt -> "The microcode bug in question is a faulty response to the
instruction. Modern x86_64 CPUs—beginning with Intel's Broadwell and
AMD's Zen architectures—are supposed to have high-quality onboard random
number generators (RNGs), which use thermal "noise" to very rapidly
offer high-entropy pseudorandom numbers to anybody with kernel-level
access who wants it. RDRAND
is, in turn, the instruction that provides these random numbers.
All of this is supposed to be fairly failsafe. There's a
CPUID function call that checks for the availability of
RDRAND, and there's also a "carry bit" in the return value from a call to
RDRAND that's supposed to let the calling application know if the CPU's RNG
was unable to generate a sufficiently random number. Unfortunately,
unpatched Ryzen 3000 says "yes" to the
CPUID 01H call, sets
the carry bit indicating it has successfully created the most
artisanal, organic high-quality random number possible... and gives you a
0xFFFFFFFF for the "random" number, every single time."
Conclusion: if my methodology gives randomness and scales to 1 Trillion operations
and 100X that, then we need to rethink how our system engineers who write
this code at the hardware level are going to stay employed.
It's not that hard and to expect better results and high precision, just do a better job intel and amd engineers. I write this level of high precision in SQL all the way up in the stack, and for those not to get it right at level 0 need to go back to computer engineering school and have their graduation certificate and degree revoked and rescinded.
more to come...
if you found this article helpful, consider contributing $10, 20 an Andrew Jackson or so..to the author. more authors coming soon
FYI we use paypal or patreon, patreon has 3x the transaction fees, so we don't, not yet.
© 2021 myBlog™ v1.1 All rights reserved. We count views as reads, so let's not over think it.