The clouds are not random enough

Ben Laurie benl at google.com
Sun Aug 2 15:53:44 EDT 2009


On Sat, Aug 1, 2009 at 10:06 PM, Jerry Leichter<leichter at lrw.com> wrote:
>> Why Cloud Computing Needs More Chaos:
>>
>> http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html
>>
>> [Moderator's note: ... the article is about a growing problem -- the
>> lack of good quality random numbers in VMs provided by services like EC2
>> and the effect this has on security. --Perry]
>
> The problem is broader than this.  A while back, I evaluated a technology
> that did its best to solve a basically insoluble problem:  How does a server,
> built on stock technology, keep secrets that it can use to authenticate with
> other servers after an unattended reboot?  Without tamper-resistant hardware
> that controls access to keys, anything the software can get at at boot, an
> attacker who steals a copy of a backup, say - can also get at.  So, the
> trick is to use a variety of measurements of the hardware - amount of
> memory, disk sizes, disk serial numbers, whatever you can think of that
> varies from machine to machine and is not stored in a backup - and combine
> them to produce a key that encrypts the important secrets.  Since hardware
> does need to be fixed or upgraded at times, a good implementation will use
> some kind of "m unchanged out of n measurements" algorithm.  Basically, this
> is the kind of thing Microsoft uses to lock license keys to particular
> instances of hardware.  Yes, it can be broken - but you can make breaking it
> a great deal of work.
>
> Virtualization changes all of this.  Every copy of a virtual machine will
> be identical as far as most of these measurements are concerned.

I'd imagine (I'm not particularly interested in licence enforcement,
so I really am imagining), that the opposite was the problem: i.e.
that the host could run you on any VM which might have wildly varying
characteristics, depending on what the real machine underneath was,
and what else you were sharing with. So, every time you see the
measurements, they'll be different.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
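
Added example, not part of the original thread or of any product mentioned in it: one way to realise the "m unchanged out of n measurements" idea from the quoted message, using Shamir secret sharing with each share masked by a hash of one measurement. The function names, the measurement labels and the sample values are assumptions made for illustration.

```python
import hashlib, hmac, itertools, secrets

P = 2**521 - 1  # prime modulus for Shamir secret sharing

def _mask(label, value):
    # Hash one measurement into a field element used to mask its share.
    return int.from_bytes(hashlib.sha512(f"{label}={value}".encode()).digest(), "big")

def _key(secret):
    return hashlib.sha256(secret.to_bytes(66, "big")).digest()

def _check(key):
    return hmac.new(key, b"key-check", "sha256").digest()

def _at_zero(points):
    # Lagrange interpolation of the sharing polynomial at x = 0.
    total = 0
    for xi, yi in points:
        num = den = 1
        for xj, _ in points:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def seal(measurements, m):
    """Return (key, blob); only blob is written to disk (and so to backups)."""
    coeffs = [secrets.randbelow(P) for _ in range(m)]  # coeffs[0] is the secret
    shares = {}
    for x, (label, value) in enumerate(sorted(measurements.items()), start=1):
        y = sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P
        shares[label] = (x, (y + _mask(label, value)) % P)
    key = _key(coeffs[0])
    return key, {"m": m, "shares": shares, "check": _check(key)}

def unseal(blob, measurements):
    """Re-derive the key if at least m current measurements match, else None."""
    points = [(x, (y - _mask(label, measurements.get(label))) % P)
              for label, (x, y) in blob["shares"].items()]
    for subset in itertools.combinations(points, blob["m"]):
        key = _key(_at_zero(subset))
        if hmac.compare_digest(_check(key), blob["check"]):
            return key
    return None

# Constructed sample measurements (not from the original post).
HOST = {"ram_mb": 16384, "disk0_gb": 500, "disk0_serial": "WD-0001",
        "disk1_serial": "ST-0002", "nic_mac": "00:11:22:33:44:55"}
```

Both concerns in the thread show up directly: a VM copy that reports the same five values unseals the same key as the original, while a guest whose reported values differ on every boot gets `None` from `unseal`.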


