author | Jeffrey Walton <noloader@gmail.com> | 2016-06-14 22:14:35 -0400 |
---|---|---|
committer | Jeffrey Walton <noloader@gmail.com> | 2016-06-14 22:14:35 -0400 |
commit | d3e566da61ec2b9aa085253bb478295113a853b3 (patch) | |
tree | 999e8d8b7bf9b9bffec1d8a55c2819ae52a8e1f3 /rdrand.h | |
parent | 2efe26a418bc89e2cff09b113628cd26d3753e09 (diff) | |
download | cryptopp-git-d3e566da61ec2b9aa085253bb478295113a853b3.tar.gz |
Update comments for Intel RDRAND circuit and underflow
Diffstat (limited to 'rdrand.h')
-rw-r--r-- | rdrand.h | 11 |
1 files changed, 7 insertions, 4 deletions
@@ -42,10 +42,13 @@ public:
//! \param retries the number of retries for failed calls to the hardware
//! \details RDRAND() constructs a generator with a maximum number of retires
//! for failed generation attempts.
- //! \details Empirical testing under a 6th generaton i7 (6200U) shows RDSEED fails
- //! to fulfill requests at about 6 to 8 times the rate of RDRAND. The default
- //! retries reflects the difference.
- RDRAND(unsigned int retries = 12) : m_retries(retries) {}
+ //! \details According to DJ of Intel, the Intel RDRAND circuit does not underflow.
+ //! If it did hypothetically underflow, then it would return 0 for the random value.
+ //! Its not clear what AMD's behavior will be, and what the returned value will be if
+ //! underflow occurs.
+ //! Also see <A HREF="https://lists.randombit.net/pipermail/cryptography/2016-June/007702.html">RDRAND
+ //! not really random with Oracle Studio 12.3 + patches</A>
+ RDRAND(unsigned int retries = 4) : m_retries(retries) {}
virtual ~RDRAND() {}