问题
So far I know that the TPM is using thermal noise for generating true random numbers. But I'm also sure that the TPM uses more sources for the entropy. In that that keystroke timings, drive seek time, or clock jitter would be possibilities. But which sources does the TPM use? And how does it convert them into a true random number?
回答1:
How a TPM's random number generator has to look like can be read in the specification. For TPM 1.2, I link this PDF: Part 1 Design Principles
When you look at section 4.2.5 Random Number Generator you get a good idea how it works in general. However, how a certain TPM's RNG works is an implementation detail and is up to the manufacturer. However, the specification mentions some possible entropy sources:
types of sources could include noise, clock variations, air movement, and other types of events
The conversion to a random number is done using a state machine and a mixing function. Again, implementation is vendor specific. I cite:
The RNG consists of a state-machine that accepts and mixes unpredictable data and a post-processor that has a one-way function (e.g. SHA-1). The idea behind the design is that a TPM can be good source of randomness without having to require a genuine source of hardware entropy.
来源:https://stackoverflow.com/questions/33941957/how-does-the-trusted-platform-module-generate-its-true-random-numbers