
Thankfully, AMD will have AGESA microcode updates out soon to rectify this issue across all Zen 5 CPUs. In the meantime (for chips that don't have the mitigation yet), AMD recommends that users switch to the unaffected 64-bit form of RDSEED or to a software fallback.
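As an added example (not code from the article or from AMD), this is one way to follow that guidance in C: issue only the 64-bit RDSEED form with a bounded retry, cut narrower seeds out of its result, and fall back to the kernel CSPRNG. It assumes x86-64 Linux with glibc's `getrandom(2)`; the names `seed64`, `seed32` and `seed_source` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/random.h>   /* getrandom(2); assumes Linux with glibc >= 2.25 */
#if defined(__x86_64__)
#include <cpuid.h>
#endif

enum seed_source { SEED_FAIL = 0, SEED_RDSEED64 = 1, SEED_OS = 2 };

#if defined(__x86_64__)
/* CPUID.(EAX=7,ECX=0):EBX bit 18 advertises RDSEED support. */
static int have_rdseed(void) {
    unsigned a, b, c, d;
    return __get_cpuid_count(7, 0, &a, &b, &c, &d) && (b & (1u << 18));
}
/* A 64-bit operand selects the 64-bit form; CF=1 means a value was delivered. */
static int rdseed64_retry(uint64_t *out, int tries) {
    while (tries-- > 0) {
        unsigned char ok;
        __asm__ volatile("rdseed %0; setc %1" : "=r"(*out), "=qm"(ok) : : "cc");
        if (ok) return 1;
        __asm__ volatile("pause");   /* brief back-off before retrying */
    }
    return 0;
}
#endif

/* Try 64-bit RDSEED first, then the software fallback; report which one was used. */
enum seed_source seed64(uint64_t *out) {
#if defined(__x86_64__)
    if (have_rdseed() && rdseed64_retry(out, 16)) return SEED_RDSEED64;
#endif
    if (getrandom(out, sizeof *out, 0) == (ssize_t)sizeof *out) return SEED_OS;
    return SEED_FAIL;                /* fail closed: *out must not be used */
}
/* Narrow seeds are cut from a 64-bit result; narrower RDSEED forms are never issued. */
enum seed_source seed32(uint32_t *out) {
    uint64_t wide;
    enum seed_source src = seed64(&wide);
    if (src != SEED_FAIL) *out = (uint32_t)(wide >> 32);
    return src;
}

int main(void) {
    uint32_t s;
    printf("seed source: %d\n", seed32(&s));   /* 1 = RDSEED64, 2 = OS */
    return 0;
}
```

Callers must check the return value and treat `SEED_FAIL` as an error rather than using whatever is left in the output buffer.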
Aaron Klotz, Contributing Writer. Aaron Klotz is a contributing writer for Tom’s Hardware, covering news related to computer hardware such as CPUs and graphics cards.

JRStern:
> hardware-based random number generator

Kinky. How long has this been going on?

Computer processors have offered hardware-based random number generators since at least 1951 with the Ferranti Mark 1, which used electrical noise to generate random bits. However, more modern, widely available on-chip hardware random number generators like Intel's RDRAND instruction were introduced much later, starting around 2012 with the Ivy Bridge architecture, with AMD adding support in 2015.

Hah! Who knew, not me. I did test out Microsoft's random number generator API a few years back and was pretty amazed, I didn't test its randomness but at least I was able to generate millions without a duplicate. Didn't know it was done with hardware support but looks like it would have been.

DS426:
Two questions for the Linux community: why wouldn't devs switch the Linux kernel to forced use of 64-bit RDSEED instead of disabling it entirely on Zen 5? What is used as the next-in-line alternative as a truly random number seed generator? Just curious.

DS426:
JRStern said:
> >hardware-based random number generator Kinky. How long has this been going on? Hah! Who knew, not me. I did test out Microsoft's random number generator API a few years back and was pretty amazed, I didn't test its randomness but at least I was able to generate millions without a duplicate. Didn't know it was done with hardware support but looks like it would have been.

It gets even more sexy when they start talking about entropy.

JRStern:
DS426 said:
> It gets even more sexy when they start talking about entropy.

Yah. I know some about this, and some small amount about encryption keys, and have been noodling around prime numbers for the last week. There is some strange and wonderful stuff floating around, that people have done. If your keys are so long, and so hard to break, then why do they have to be random, too? I don't care so much about crypto, my main concern was generating globally unique keys, a somewhat different game, but hey.

DS426:
JRStern said:
> …If your keys are so long, and so hard to break, then why do they have to be random, too?…

Long keys and hard to break are two different things. Long numbers or character strings are hard to guess using brute force. Keys are hard to break when they are both long and their seed is unpredictable. If you can predict the seed, you can calculate the long number or character string of the key just as cryptography uses in the first place to initially generate the key. If the seed is unpredictable due to high entropy, you're able to have proper crypto, such as the Public Key Cryptography like TLS (previously SSL) that secures data across the dangerous internet.

If you're just looking to get a random value from whatever input and don't need reversible encryption, you can use something like SHA256 or higher to generate a character string from a file or whatever binary object. As long as the binary data is different, the result will always be different (ignoring collisions which become exponentially less likely for longer SHA functions like SHA512). Just be aware it's a deterministic function. Might not be practical for what you're trying to do but just some food for thought.

phxrider:
What does this affect that the average person would use (not cryptography developers)? Not arguing against keeping chipset drivers up to date, just determining what the rational freak-out level is.