----- Forwarded message from Jeffrey Walton <noloader@gmail.com> ----- Date: Sat, 20 Jul 2013 16:09:05 -0400 From: Jeffrey Walton <noloader@gmail.com> To: Peter Bowen <pzbowen@gmail.com> Cc: cryptography@randombit.net Subject: Re: [cryptography] [liberationtech] Random number generator, failure in Rasperri Pis? Reply-To: noloader@gmail.com On Sat, Jul 20, 2013 at 2:57 AM, Peter Bowen <pzbowen@gmail.com> wrote:
On Fri, Jul 19, 2013 at 10:35 PM, Yaron Sheffer <yaronf@porticor.com> wrote:
A few months ago I posted a query to the Amazon Web Services (the largest public cloud, running on Xen) forum on whether they're using libvirt for this purpose, and it was never answered. Does anybody around here have a clue?
Amazon EC2 does not support virtio-rng today. Finding good sources of entropy in a virtual machine is always hard, so solutions like virtio-rng and Intel's RDRAND instruction can be very useful. Also see:
When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography, http://pages.cs.wisc.edu/~rist/papers/sslhedge.pdf When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments, https://www.usenix.org/legacy/event/hotos05/final_papers/full_papers/garfink... Jeff _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5