[[!meta title="Simtec Entropy Key to solve cloud computing issue?"]]
[[!meta author="Daniel Silverstone"]]
[[!meta date="2009-08-10 17:00:47 +0100"]]
[[!tag tech]]

`<gushing advert>`

Over the past week or so, several articles have turned up in such
esteemed publications as
[Slashdot](http://it.slashdot.org/story/09/08/03/2151225/Entropy-Problems-For-Linux-In-the-Cloud?art_pos=5)
linking to
[Forbes.com](http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio-network-cloud-computing.html)
and [Information
Week](http://www.informationweek.com/blog/main/archives/2009/07/black_hat_resea_1.html;jsessionid=PKCJTD402XIXTQE1GHRSKHWATMY32JVN)
regarding the fact that cloud computers have issues getting at those
precious bits of entropy required to secure SSL transactions and the
like.

Indeed, modern GNU/Linux distributions, and various other operating
systems, rapidly consume the available entropy during normal operations.
Ubuntu 9.04, at least, uses
<acronym title="Address Space Layout Randomisation">ASLR</acronym> in
order to reduce the effectiveness of attacks since no two shells will
have the same layout of address space etc. You can read more about ASLR
on
[Wikipedia](http://en.wikipedia.org/wiki/Address_space_layout_randomization)
if you want to. Essentially, ASLR is done by reading 64 bits of data
from `/dev/urandom` during process startup and then using that to seed a
PRNG which is then used to perturb the layout of the dynamically loaded
objects in the process. Indeed if the process itself is compiled
appropriately then the main executable can be moved about from process
start to process start.

All this, unfortunately, depletes the pool of entropy available to the
system. Fortunately `/dev/urandom` continues to work when the pool is
depleted, and indeed will not reduce the pool below a threshold value
regardless of how much it is used. However this does open the door to
the question of whether or not there might be an attack related to
causing a server to spawn enough processes that it has insufficient
entropy to subsequently establish a good SSL session or similar.

Normally a Linux system will gather entropy from such things as the
minuscule differences in HDD response times, interrupts from keyboards
and mice, etc. However a virtual computer (KVM, VMware, Cloud system
etc) doesn’t tend to have a real HDD, or in many cases, any useful
amount of interactivity to produce entropic events to be measured. This
results in cloud computers often having little to no entropy and no real
way of gathering more. Some people believe this leads to being able to
predict the random pool of one virtual machine, using the pool of a
clone of it.

When Simtec first started talking about the [Entropy
Key](http://www.entropykey.co.uk/) we were inundated with people
interested in whether or not it’d help for virtual machines. Initially
we assumed it would, but after spending a long time poking at the Linux
kernel, at KVM etc, we determined that unfortunately it wouldn’t
usefully help in the state it was in. So, I spent some time and updated
the Entropy Key’s host software to support the
<acronym title="Entropy Gathering Daemon">EGD</acronym>’s protocol, over
both Unix domain sockets and TCP. This, along with another simple tool
which can connect to an EGD socket and push entropy into the Linux
random pool, means that we have an excellent, if admittedly
network-reliant, way to push entropy from one host with a physical
Entropy Key to one or more systems for use in their random pools.
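
The client side of that arrangement, as an added sketch that is not Simtec's host software: it speaks two EGD commands (0x00 level query, 0x01 non-blocking read) and builds the `rand_pool_info` structure that the Linux `RNDADDENTROPY` ioctl expects. All function names are hypothetical, and crediting 8 bits per byte is an assumption about how far the receiving host trusts the source.

```python
import fcntl
import socket
import struct

# _IOW('R', 0x03, int[2]) from <linux/random.h>; this value is the x86/ARM encoding.
RNDADDENTROPY = 0x40085203

def recv_exact(sock, n):
    """Read exactly n bytes, or fail if the EGD peer closes mid-reply."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("EGD peer closed mid-reply")
        buf += chunk
    return buf

def egd_entropy_level(sock):
    """EGD command 0x00: reply is the server's pool level in bits, 4 bytes big-endian."""
    sock.sendall(b"\x00")
    return struct.unpack(">I", recv_exact(sock, 4))[0]

def egd_read_nonblocking(sock, want):
    """EGD command 0x01: request up to `want` bytes; reply is a count byte, then data."""
    if not 1 <= want <= 255:
        raise ValueError("EGD requests are limited to 1..255 bytes")
    sock.sendall(bytes([0x01, want]))
    got = recv_exact(sock, 1)[0]
    if got > want:
        raise ValueError("EGD reply claims more bytes than were requested")
    return recv_exact(sock, got)

def pack_rand_pool_info(data, bits_per_byte=8):
    """struct rand_pool_info: int entropy_count (bits), int buf_size (bytes), data."""
    return struct.pack("ii", len(data) * bits_per_byte, len(data)) + data

def feed_kernel_pool(data, device="/dev/random"):
    """Mix `data` into the kernel pool and credit it; requires CAP_SYS_ADMIN."""
    with open(device, "wb") as dev:
        fcntl.ioctl(dev, RNDADDENTROPY, pack_rand_pool_info(data))

if __name__ == "__main__":
    # Constructed demo: a socketpair stands in for the EGD server, reply is canned.
    client, server = socket.socketpair()
    server.sendall(bytes([4]) + b"\x13\x37\xc0\xde")
    sample = egd_read_nonblocking(client, 16)
    print(sample.hex(), pack_rand_pool_info(sample).hex())
```

Lowering `bits_per_byte` credits less entropy than the bytes received, which is the conservative setting when the EGD source is reached over a network link.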

When the Entropy Key is released, the host software will be released as
free software (under the MIT licence) and as such we hope that if anyone
else has any cool ideas for helping with getting entropy to cloud
computers, they will send patches. I’m exceedingly proud that we’re
releasing the host software under a F/LOSS licence and I hope that
anyone who runs lots of VMs will be interested in this latest
development in the host software too. If you are interested, be sure to
check out the [Entropy Key Website](http://www.entropykey.co.uk/) and
send us a mail if you want to be told when retail units become
available.

`</gushing advert>`