Randomness is required for a variety of computational, statistical, and security-related applications. In particular, random numbers and the processes used to generate them are a critical component of secure protocols and cryptographic key generation. Security processes that lack adequate sources of randomness will have poor security. Cryptography Research has evaluated the C3 Nehemiah random number generator, which is an on-chip component of the VIA Technologies Nehemiah processor core. When properly used, the generator was found to be a consistent, high-rate source of entropy which we believe is suitable for use in cryptographic and high-assurance applications.
This report analyzes the Nehemiah RNG design, provides an entropy analysis of the source, and provides developer recommendations for proper use of the Nehemiah RNG. Cryptography Research provided no Nehemiah design assistance to VIA Technologies or Centaur Technology.
