[Cryptography] cheap sources of entropy

James A. Donald Jamesd at echeque.com
Sat Feb 1 16:58:58 EST 2014

> At 02:33 PM 1/31/2014, James A. Donald wrote:
>> If you are on a VM, probably have a disk drive with turbulence.
On 2014-02-02 06:38, Bill Stewart wrote:
> Definitely not.  If you're on a VM, you have 0..n virtual disk drives, 
> which the hypervisor simulates from a datastore pool and maybe some cache.

Underneath all that are real material disk drives, which have 
turbulence.  The turbulence causes random and entirely unpredictable 
timing variations, which unpredictability and variation propagate all 
the way to the VM

>   You don't get any access to the real device, even though the 
> hardware drivers look like they're talking to a disk.

You don't need direct access to the real device.  The the real 
turbulence in the real device causes random variation in the time that 
your buffer gets filled.   So just hash the cpu clock into your 
stockpile of randomness every time that you read data that is likely to 
need to come from disk.  And then your VM is reading real randomness 
from real turbulence on the real disk.

More information about the cryptography mailing list