The clouds are not random enough
Jerry Leichter
leichter at lrw.com
Sat Aug 1 17:06:16 EDT 2009
> Why Cloud Computing Needs More Chaos:
> http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html
>
> [Moderator's note: ... the article is about a growing problem -- the
> lack of good quality random numbers in VMs provided by services like
> EC2
> and the effect this has on security. --Perry]
The problem is broader than this. A while back, I evaluated a
technology that did it best to solve a basically insoluble problem:
How does a server, built on stock technology, keep secrets that it can
use to authenticate with other servers after an unattended reboot?
Without tamper-resistant hardware that controls access to keys,
anything the software can get at at boot, an attacker who steals a
copy of a backup, say - can also get at. So, the trick is to use a
variety of measurements of the hardware - amount of memory, disk
sizes, disk serial numbers, whatever you can think of that varies from
machine to machine and is not stored in a backup - and combines them
to produce a key that encrypts the important secrets. Since hardware
does need to be fixed or upgraded at times, a good implementation will
use some kind of "m unchanged out of n measurements" algorithm.
Basically, this is the kind of thing Microsoft uses to lock license
keys to particular instances of hardware. Yes, it can be broken - but
you can make breaking it a great deal of work.
Virtualization changes all of this. Every copy of a virtual machine
is will be identical as far as most of these measurements are
concerned. Conversely, if you try to let the physical level show
through - e.g., use the disk serial number of the real disk on which a
virtual disk lives - you disrupt some of the things VM's are trying to
provide, lie easy transportability of instances from one hardware
"home" to another. The last I heard about the technology I looked at,
they didn't have any good solution for VM's (though I haven't kept up
and don't know the current status).
Ultimately, the only solution is for hypervisors to take on some
security roles - passing along unforgeable ID's and random numbers
from hardware and other resources that they have access to but do not
export to the guest OS's. That doesn't *solve* the problem. It puts
us back where we were before the virtualization craze: Needing to
write a secure OS and various secure
services. However, since hypervisors are much smaller and *much* more
limited in operation than full OS's, so the problems may be
correspondingly easier to solve.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list