[cryptography] [liberationtech] Random number generator, failure in Rasperri Pis?

Jeffrey Walton noloader at gmail.com
Sat Jul 20 16:09:05 EDT 2013


On Sat, Jul 20, 2013 at 2:57 AM, Peter Bowen <pzbowen at gmail.com> wrote:
> On Fri, Jul 19, 2013 at 10:35 PM, Yaron Sheffer <yaronf at porticor.com> wrote:
>> A few months ago I posted a query to the Amazon Web Services (the
>> largest public cloud, running on Xen) forum on whether they're using libvirt
>> for this purpose, and it was never answered. Does anybody around here have a
>> clue?
>
> Amazon EC2 does not support virtio-rng today.  Finding good sources of
> entropy in a virtual machine is always hard, so solutions like
> virtio-rng and Intel's RDRAND instruction can be very useful.
Also see:

When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities
and Hedging Deployed Cryptography,
http://pages.cs.wisc.edu/~rist/papers/sslhedge.pdf

When Virtual is Harder than Real: Security Challenges in Virtual
Machine Based Computing Environments,
https://www.usenix.org/legacy/event/hotos05/final_papers/full_papers/garfinkel/garfinkel.pdf

Jeff


More information about the cryptography mailing list