virtualization as a threat to RNG

The Fungi fungi at
Wed Mar 21 19:21:16 EDT 2007

On Tue, Mar 20, 2007 at 08:14:26PM -0400, Dan Geer wrote:
> Quoting from a discussion of threat posed by software virtualization as 
> found in Symantec's ISTR:xi, released today:
> >The second type of threat that Symantec believes could emerge is 
> >related to the impact that software-virtualized computers may have on 
> >random number generators that are used inside guest operating systems 
> >on virtual machines.

I will note that, on User-Mode Linux at least, a good approach seems
to be using the UML kernel option/driver to broker access to the host's
entropy via a faked hardware RNG. The down-side is that your host may
well need a boosted entropy source, if you have a lot of guests
using this feature. I'm unsure, however, how other virtualization
platforms handle this issue...
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi at; IRC(fungi at; ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi at;
MUD(fungi at; WWW(; }
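
A check to run inside a guest to see whether it actually has a hardware RNG device and what its entropy pool reports, added here as an example and not part of the original post. It assumes a Linux guest whose virtual RNG registers with the kernel's hw_random framework (the sysfs paths below); the function name, the ROOT parameter and the 256-bit threshold are assumptions.

```shell
#!/bin/sh
# Added example: report whether a Linux guest sees a hardware RNG and how much
# entropy its pool claims. ROOT defaults to "/" and is a parameter only so the
# check can be pointed at a constructed directory tree.
# MIN_BITS is an assumed alert threshold, not a value from the post.
MIN_BITS=${MIN_BITS:-256}

guest_rng_status() {
    root=${1:-/}
    root=${root%/}
    hw_dir="$root/sys/class/misc/hw_random"
    avail_file="$root/proc/sys/kernel/random/entropy_avail"

    # The hw_random core writes "none" here when no device is bound.
    current=none
    if [ -r "$hw_dir/rng_current" ]; then
        read -r current < "$hw_dir/rng_current" || true
        [ -n "$current" ] || current=none
    fi

    # Entropy estimate of the guest kernel's pool, in bits.
    bits=unknown
    if [ -r "$avail_file" ]; then
        read -r bits < "$avail_file" || true
    fi
    case $bits in
        ''|*[!0-9]*) bits=unknown ;;
    esac

    if [ "$current" = none ]; then
        verdict=NO_HWRNG
    elif [ "$bits" = unknown ] || [ "$bits" -lt "$MIN_BITS" ]; then
        verdict=LOW_ENTROPY
    else
        verdict=OK
    fi

    printf '%s hwrng=%s entropy_avail=%s\n' "$verdict" "$current" "$bits"
    # Exit status lets a monitoring job alert on anything other than OK.
    [ "$verdict" = OK ]
}
```

Call `guest_rng_status` with no argument inside the guest; running the same check on the host shows whether its own pool is keeping up with the guests drawing from it.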
