[Cryptography] /dev/random is not robust

Eugen Leitl eugen at leitl.org
Thu Oct 17 23:02:23 PDT 2013


----- Forwarded message from Theodore Ts'o <tytso at mit.edu> -----

Date: Thu, 17 Oct 2013 17:29:52 -0400
From: Theodore Ts'o <tytso at mit.edu>
To: David Mercer <radix42 at gmail.com>
Cc: Cryptography Mailing List <cryptography at metzdowd.com>
Subject: Re: [Cryptography] /dev/random is not robust
Message-ID: <20131017212952.GC14512 at thunk.org>
User-Agent: Mutt/1.5.21 (2010-09-15)

On Fri, Oct 18, 2013 at 03:43:08AM +0800, David Mercer wrote:
> 
> Sometime in the last two months I described the somewhat widespread issue
> at VM hosting/cloud providers of provisioning VM's with the same
> /dev/urandom seed from the image template. firstboot scripts typically only
> get run at image generation, and then the urandom seed is frozen in amber,
> as it were, in the VM image template file. It is a fairly trivial fix to
> re-seed it from /dev/random (one line in the right place).

Yeah, there are some people (including Dustin Kirkland at Canonical)
working on automated provisioning of random seeds from the hypervisor
to the guest kernels.

If you are compiling your own guest kernel, and the hypervisor
supports it, using virtio-rng which allows the guest to use the host
OS's /dev/random to bootstrap its local entropy pool is almost
certainly the Right Thing.

Cheers,

					- Ted
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5



More information about the cypherpunks mailing list