<gushing advert>

Over the past week or so, several articles have turned up in such esteemed publications as Slashdot linking to Forbes.com and Information Week regarding the fact that cloud computers have issues getting at those precious bits of entropy required to secure SSL transactions and the like.

Indeed, modern GNU/Linux distributions, and various other operating systems, rapidly consume the available entropy during normal operations. Ubuntu 9.04, at least, uses ASLR in order to reduce the effectiveness of attacks since no two shells will have the same layout of address space etc. You can read more about ASLR on Wikipedia if you want to. Essentially, ASLR is done by reading 64 bits of data from /dev/urandom during process startup and then using that to seed a PRNG which is then used to peturb the layout of the dynamically loaded objects in the process. Indeed if the process itself is compiled appropriately then the main executable can be moved about from process start to process start.

All this, unfortunately, depletes the pool of entropy available to the system. Fortunately /dev/urandom continues to work when the pool is depleted, and indeed will not reduce the pool below a threshold value regardless of how much it is used. However this does open the door to the question of whether or not there might be an attack related to causing a server to spawn enough processes that it has insufficient entropy to subsequently establish a good SSL session or similar.

Normally a Linux system will gather entropy from such things as the miniscule differences in HDD response times, interrupts from keyboards and mice, etc. However a virtual computer (KVM, VMWare, Cloud system etc) doesn’t tend to have a real HDD, or in many cases, any useful amount of interactivity to produce entropic events to be measured. This results in cloud computers often having little to no entropy and no real way of gathering more. Some people believe this leads to being able to predict the random pool of one virtual machine, using the pool of a clone of it.

When Simtec first started talking about the Entropy Key we were inundated with people interested in whether or not it’d help for virtual machines. Initially we assumed it would, but after spending a long time poking at the Linux kernel, at KVM etc, we determined that unfortunately it wouldn’t usefully help in the state it was in. So, I spent some time and updated the Entropy Key’s host software to support the EGD’s protocol, over both unix domain sockets and TCP. This, along with another simple tool which can connect to an EGD socket and push entropy into the Linux random pool, means that we have an, admittedly network-reliant, excellent way to push entropy from one host with a physical Entropy Key, to one or more systems for use in their random pools.

When the Entropy Key is released, the host software will be released as free software (under the MIT licence) and as such we hope that if anyone else has any cool ideas, for helping with getting entropy to cloud computers, they will send patches. I’m exceedingly proud that we’re releasing the host software under a F/LOSS licence and I hope that anyone who runs lots of VMs will be interested in this latest development in the host software too. If you are interested, be sure to check out the Entropy Key Website and send us a mail if you want to be told when retail units become available.

</gushing advert>

Comments on this page are closed.