Why 'Bull Mountain' Makes Ivy Bridge More Secure

Intel pulled back the curtain this week to unveil a lineup of new Ivy Bridge processors. Most of the focus on the Ivy Bridge CPUs is on faster performance and more efficient power consumption. But beneath the surface, Intel has incorporated a feature that also makes Ivy Bridge more secure than its predecessors: “Bull Mountain”.

Bull Mountain is the code name for Intel’s new random number generator technology. Why is that important? Random numbers are required for effective encryption, and weak random number generators are the Achilles heel of data security.

Encryption is a crucial element of computer and network security. Data is encrypted to prevent it from being accessed or viewed by unauthorized users. Traffic between a PC and a website is encrypted to ensure sensitive information like passwords or credit card information isn’t intercepted in transit.

The fatal flaw of encryption is that it relies on randomness to generate strong encryption keys, but computers aren’t random. The ones and zeros that bounce around the PC and across the Internet are fundamentally predictable. Granted, even weak encryption is enough to prevent data from being compromised in most cases, but skilled attackers can exploit a weak random number generator to crack the encryption.

Commenting on a discovery by researchers that a small percentage of public encryption keys can be cracked, Bruce Schneier, Chief Security Technology Officer for BT and a respected expert on encryption, suggested that the weakness is probably related to the random number generator used to create the keys.

Schneier explained in a blog post, “One of the hardest parts of cryptography is random number generation. It's really easy to write a lousy random number generator, and it's not at all obvious that it is lousy.”

Because computers are not random, programmers use pseudorandom number generators to create random numbers. The pseudorandom number generators need a seed value to start with, though, and ultimately aren’t really random. If you know the seed value, you can determine all of the “random” numbers that follow from it. That's where Bull Mountain comes in.

Random number generators use a lot of different tricks to get the initial seed value. Keys pressed on the keyboard, the time of day, or movements of the mouse all seem relatively random at face value, and can be used to create a seed value. Those events are still predictable within certain parameters, though, and give attackers a range to narrow down the target.
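The two paragraphs above can be checked directly. The following is an added example, not code from the article or from Intel: it measures how little strength a nominally 128-bit key has when its seed is a time of day inside a known window, and shows the same key drawn from the operating system's generator instead. The function names, the timestamp and the one-hour window are constructed for illustration.

```python
import math
import random
import secrets

def weak_key(seed: int) -> bytes:
    """Weak pattern: 128-bit key from a PRNG seeded with a guessable value."""
    return random.Random(seed).getrandbits(128).to_bytes(16, "big")

def strong_key() -> bytes:
    """Corrected pattern: 128-bit key drawn from the operating system's CSPRNG."""
    return secrets.token_bytes(16)

def seed_space_bits(window_seconds: int) -> float:
    """Real strength, in bits, of a key whose seed is a one-second timestamp
    known to fall inside a window of the given length."""
    return math.log2(window_seconds)

def find_seed(key: bytes, start: int, end: int):
    """Audit check: return the timestamp seed in [start, end) that reproduces
    `key`, or None if the key does not come from this seeding scheme."""
    for seed in range(start, end):
        if weak_key(seed) == key:
            return seed
    return None

# Constructed sample values: a made-up Unix time and a one-hour window around it.
WINDOW_START = 1_335_000_000
WINDOW_SECONDS = 3600
CREATED_AT = WINDOW_START + 1234

if __name__ == "__main__":
    end = WINDOW_START + WINDOW_SECONDS
    print("nominal key size: 128 bits")
    print(f"actual strength with time seed: {seed_space_bits(WINDOW_SECONDS):.1f} bits")
    print("time-seeded key reproduced from seed:",
          find_seed(weak_key(CREATED_AT), WINDOW_START, end))
    print("CSPRNG key reproduced from seed:",
          find_seed(strong_key(), WINDOW_START, end))
```

The key length stays at 128 bits in both cases; only the seed space differs, which is why a weak generator is hard to spot from its output alone.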

Intel developed Bull Mountain to enable stronger, more reliable encryption. Bull Mountain uses sophisticated techniques to generate random numbers in the CPU hardware instead of using software-based pseudorandom number generators. Programmers can tap into Bull Mountain to retrieve random numbers as needed.

Intel claims Ivy Bridge delivers a theoretical performance boost of 37 percent over previous CPUs. Ivy Bridge also consumes less power and extends battery life for laptops and ultrabooks. Thanks to Bull Mountain, Ivy Bridge also provides stronger encryption and a more secure system.
