Hello.

On Thursday 26 August 2010 12:25:55, Jerry Leichter wrote:
[...]
> > 4) What about VMs?
> > Rolling back a deterministic RNG on those systems gives the same
> > values unless/until you re-seed with something new to this iteration
>
> I'm not sure what you mean by "rolling back". Yes, if you restart any
> deterministic RNG with a previously-used internal state, it will
> generate the same stream it did before. This is true whether you are
> in a VM or not.

That is true. Luckily /dev/random is re-seeded during run-time. So even if you do a roll-back of a system and the new input is non-deterministic it will generate different output immediately.

> RNG's in VM's are a big problem because the "unpredictable" values
> used in the non-deterministic parts of the algorithms - whether you
> use them just for seeding or during updating as well - are often much
> more predictable in a VM than a "real" machine. (For example, disk
> timings on real hardware have some real entropy, but in a VM with an
> emulated disk, that's open to question.)

I really doubt it. Are there papers about it? It does not matter if there is one physical disk that is shared between 1000 processes or between 10 VMs each running 100 processes (assuming a shared random pool). The entropy is not generated by the disk but by the processes accessing it in a (hopefully) non-deterministic way. The HDD interrupts are just the sampling point. Therefore gaining entropy depends on the level of abstraction where the sampling point is placed. It can be assumed that the buffered HDD writing and reading on the host of a VM produce less entropy than the real read(2) and write(2) calls within the VM itself.

Bye
Thomas

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
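The rollback behaviour discussed in this message, as an added example that is not part of the original e-mail: a snapshot of a deterministic generator replays the same output, a reseed with a repeated (predictable) sample still replays, and only a fresh sample makes the two runs diverge. `ToyPool` and its HMAC-SHA256 construction are hypothetical and chosen for illustration; this is not how /dev/random is implemented.

```python
import hashlib
import hmac
import os


class ToyPool:
    """Deterministic generator with an explicit reseed step (illustrative only)."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(b"init" + seed).digest()

    def reseed(self, sample: bytes) -> None:
        # Mix a new sample into the state; output now depends on state AND sample.
        self.state = hmac.new(self.state, b"reseed" + sample, hashlib.sha256).digest()

    def read(self, n: int = 16) -> bytes:
        out = hmac.new(self.state, b"out", hashlib.sha256).digest()[:n]
        # Ratchet forward so one state never produces two outputs.
        self.state = hmac.new(self.state, b"next", hashlib.sha256).digest()
        return out

    @classmethod
    def restore(cls, state: bytes) -> "ToyPool":
        # Models resuming a VM from a snapshot: internal state is copied verbatim.
        pool = cls.__new__(cls)
        pool.state = state
        return pool


def run_after_rollback(snap: bytes, samples: list[bytes]) -> bytes:
    """Resume from a snapshot, mix in the given samples, return the next output."""
    pool = ToyPool.restore(snap)
    for sample in samples:
        pool.reseed(sample)
    return pool.read()


def demo() -> dict:
    pool = ToyPool(b"constructed boot seed")  # constructed sample seed
    pool.read()
    snap = pool.state  # the snapshot is taken here
    same = [b"irq@1000"]  # constructed, identical "timing" sample in both runs
    return {
        "no_reseed_repeats": run_after_rollback(snap, []) == run_after_rollback(snap, []),
        "same_sample_repeats": run_after_rollback(snap, same) == run_after_rollback(snap, same),
        "fresh_sample_differs": run_after_rollback(snap, [os.urandom(16)])
        != run_after_rollback(snap, [os.urandom(16)]),
    }


if __name__ == "__main__":
    print(demo())
```

The second result is the case the quoted concern is about: reseeding helps after a rollback only as far as the samples mixed in differ between the two runs.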