/dev/random and virtual systems

[Paul Hoffman]

At 10:38 PM +0300 8/2/10, Yaron Sheffer wrote:
>the interesting thread on seeding and reseeding /dev/random did not mention that many of the most problematic systems in this respect are virtual machines. Such machines (when used for "cloud computing") are not only servers, so have few sources of true and hard-to-observe entropy. Often the are cloned from snapshots of a single virtual machine, i.e. many VMs start life with one common RNG state, that doesn't even know that it's a clone.
>
>In addition to the mitigations that were discussed on the list, such machines could benefit from seeding /dev/random (or periodically reseeding it) from the *host machine's* RNG. This is one thing that's guaranteed to be different between VM instances. So my question to the list: is this useful? Is this doable with popular systems (e.g. Linux running on VMWare or VirtualBox)? Is this actually being done?

It is certainly doable: put a "file" on the host whose contents are random and change every second. On the VM, read that file on wakeup or boot and mix it into /dev/random. This guarantees a different value for each wakeup/boot, but not that every cloned machine that starts will have a unique state (because they might start within the same refresh. If you need that, you probably want to automatically mix a microsecond-accurate time at the same time.

--Paul Hoffman, Director
--VPN Consortium

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com