/dev/random and virtual systems
Paul Wouters
paul at xelerance.com
Mon Aug 2 19:42:39 EDT 2010
On Mon, 2 Aug 2010, Yaron Sheffer wrote:
> In addition to the mitigations that were discussed on the list, such machines
> could benefit from seeding /dev/random (or periodically reseeding it) from
> the *host machine's* RNG. This is one thing that's guaranteed to be different
> between VM instances. So my question to the list: is this useful? Is this
> doable with popular systems (e.g. Linux running on VMWare or VirtualBox)? Is
> this actually being done?
Both xen and kvm do not do this currently. It is problematic for servers.
Paul
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list