[144671] in cryptography@c2.net mail archive
Re: The clouds are not random enough
daemon@ATHENA.MIT.EDU (Ben Laurie)
Sun Aug 2 17:55:11 2009
In-Reply-To: <9B415540-43F2-436E-A4FA-E87FCE8E02FB@lrw.com>
Date: Sun, 2 Aug 2009 20:53:44 +0100
From: Ben Laurie <benl@google.com>
To: Jerry Leichter <leichter@lrw.com>
Cc: "Ali, Saqib" <docbook.xml@gmail.com>,
Cryptography <cryptography@metzdowd.com>
On Sat, Aug 1, 2009 at 10:06 PM, Jerry Leichter<leichter@lrw.com> wrote:
>> Why Cloud Computing Needs More Chaos:
>>
>> http://www.forbes.com/2009/07/30/cloud-computing-security-technology-cio=
-network-cloud-computing.html
>>
>> [Moderator's note: ... the article is about a growing problem -- the
>> lack of good quality random numbers in VMs provided by services like EC2
>> and the effect this has on security. --Perry]
>
> The problem is broader than this. =A0A while back, I evaluated a technolo=
gy
> that did it best to solve a basically insoluble problem: =A0How does a se=
rver,
> built on stock technology, keep secrets that it can use to authenticate w=
ith
> other servers after an unattended reboot? =A0Without tamper-resistant har=
dware
> that controls access to keys, anything the software can get at at boot, a=
n
> attacker who steals a copy of a backup, say - can also get at. =A0So, the
> trick is to use a variety of measurements of the hardware - amount of
> memory, disk sizes, disk serial numbers, whatever you can think of that
> varies from machine to machine and is not stored in a backup - and combin=
es
> them to produce a key that encrypts the important secrets. =A0Since hardw=
are
> does need to be fixed or upgraded at times, a good implementation will us=
e
> some kind of "m unchanged out of n measurements" algorithm. =A0Basically,=
this
> is the kind of thing Microsoft uses to lock license keys to particular
> instances of hardware. =A0Yes, it can be broken - but you can make breaki=
ng it
> a great deal of work.
>
> Virtualization changes all of this. =A0Every copy of a virtual machine is=
will
> be identical as far as most of these measurements are concerned.
I'd imagine (I'm not particularly interested in licence enforcement,
so I really am imagining), that the opposite was the problem: i.e.
that the host could run you on any VM which might have wildly varying
characteristics, depending on what the real machine underneath was,
and what else you were sharing with. So, every time you see the
measurements, they'll be different.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
