The clouds are not random enough

Jerry Leichter leichter at lrw.com
Sat Aug 1 17:06:16 EDT 2009


> Why Cloud Computing Needs More Chaos:
> http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html
>
> [Moderator's note: ... the article is about a growing problem -- the
> lack of good quality random numbers in VMs provided by services like
> EC2 and the effect this has on security. --Perry]
The problem is broader than this.  A while back, I evaluated a  
technology that did its best to solve a basically insoluble problem:
How does a server, built on stock technology, keep secrets that it can  
use to authenticate with other servers after an unattended reboot?   
Without tamper-resistant hardware that controls access to keys,  
anything the software can get at at boot, an attacker - who steals a
copy of a backup, say - can also get at.  So, the trick is to use a  
variety of measurements of the hardware - amount of memory, disk  
sizes, disk serial numbers, whatever you can think of that varies from  
machine to machine and is not stored in a backup - and combine them
to produce a key that encrypts the important secrets.  Since hardware  
does need to be fixed or upgraded at times, a good implementation will  
use some kind of "m unchanged out of n measurements" algorithm.   
Basically, this is the kind of thing Microsoft uses to lock license  
keys to particular instances of hardware.  Yes, it can be broken - but  
you can make breaking it a great deal of work.

Virtualization changes all of this.  Every copy of a virtual machine  
will be identical as far as most of these measurements are
concerned.  Conversely, if you try to let the physical level show  
through - e.g., use the disk serial number of the real disk on which a  
virtual disk lives - you disrupt some of the things VM's are trying to  
provide, like easy transportability of instances from one hardware
"home" to another.  The last I heard about the technology I looked at,  
they didn't have any good solution for VM's (though I haven't kept up  
and don't know the current status).

Ultimately, the only solution is for hypervisors to take on some  
security roles - passing along unforgeable ID's and random numbers  
from hardware and other resources that they have access to but do not  
export to the guest OS's. That doesn't *solve* the problem.  It puts  
us back where we were before the virtualization craze:  Needing to  
write a secure OS and various secure services.  However, since
hypervisors are much smaller and *much* more limited in operation
than full OS's, the problems may be correspondingly easier to solve.
                                                         -- Jerry


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
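
Added example, not part of the original post and not the product the author evaluated: one way to build the "m unchanged out of n measurements" key described above, assuming Shamir secret sharing with each share masked by a value derived from one hardware reading. All function names and the sample readings are hypothetical and constructed for illustration.

```python
import hashlib, hmac, secrets
from itertools import combinations

P = 2**521 - 1  # Mersenne prime; Shamir shares live in GF(P)

# Constructed sample readings (not from any real machine).
SAMPLE = {"ram_mb": "16384", "disk0_serial": "WD-EXAMPLE-0001",
          "disk0_bytes": "500107862016", "nic0_mac": "02:00:00:00:00:01",
          "cpu_model": "example-cpu-rev-a"}

def _mask(name, value, salt):
    # One mask per measurement. Readings are low-entropy, so use a slow KDF.
    raw = hashlib.pbkdf2_hmac("sha512", f"{name}={value}".encode(), salt, 20_000, 64)
    return int.from_bytes(raw, "big")

def _key_and_tag(secret):
    key = hashlib.sha256(secret.to_bytes(66, "big")).digest()
    return key, hmac.new(key, b"seal-check", hashlib.sha256).digest()

def seal(measurements, m):
    """Return (blob, key). blob is what gets stored on disk (and in backups)."""
    salt = secrets.token_bytes(16)
    coeffs = [secrets.randbelow(P) for _ in range(m)]  # coeffs[0] is the secret
    names = sorted(measurements)
    masked = []
    for x, name in enumerate(names, start=1):
        y = sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
        masked.append((y + _mask(name, measurements[name], salt)) % P)
    key, tag = _key_and_tag(coeffs[0])
    return {"salt": salt, "m": m, "names": names, "masked": masked, "tag": tag}, key

def unseal(blob, measurements):
    """Re-derive the key if at least m current readings match the sealed ones."""
    pts = [(x, (c - _mask(n, measurements.get(n), blob["salt"])) % P)
           for x, (n, c) in enumerate(zip(blob["names"], blob["masked"]), start=1)]
    for subset in combinations(pts, blob["m"]):  # no per-reading check is stored
        secret = 0
        for xj, yj in subset:  # Lagrange interpolation at x = 0
            num = den = 1
            for xk, _ in subset:
                if xk != xj:
                    num, den = num * xk % P, den * (xk - xj) % P
            secret = (secret + yj * num * pow(den, -1, P)) % P
        key, tag = _key_and_tag(secret)
        if hmac.compare_digest(tag, blob["tag"]):
            return key
    return None
```

Because only a tag over the final key is stored, a guess can be confirmed only when m readings are right at once. A cloned VM reports the same readings as its source, so unseal succeeds on every copy, which is the failure the post describes.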