From the Canyon Edge -- :-Dustin

Thursday, October 18, 2012

Entropy, or Lack Thereof, in OpenStack Instances (and how to improve that)


I gave two presentations today at the OpenStack Design Summit in sunny San Diego, CA, as we prepare for the Grizzly development cycle.

In this presentation, I spent about 40 minutes discussing several research papers over the last 6 years showing the problems with entropy and randomness in cloud computing.  Namely:

  1. The Analysis of the Linux Random Number Generator (2006)
  2. The iSEC Partners Presentation at BlackHat (2009)
  3. Minding your P's and Q's (2012)

There's two pieces of the entropy problem in OpenStack and cloud computing that I'm interested in helping improve:

  1. Better initial seeds for the psuedo random number generator at instance initialization
  2. Better ongoing entropy gathering throughout the lifetime of the instance.
To the first point (better seeds), I suggested a series of technologies that could significantly improve the situation in OpenStack in the near term:
  1. The hypervisor could provide a random seed through a block device to the guest
  2. The hypervisor could expose a urandom device through the metadata service
    • Actually, I'm sitting next to Scott Moser right now, who attended my talk earlier today and merely hours after my talk, he has already hacked this into the OpenStack metadata service :-)  His merge proposal is here.  This is why I love open source software...
  3. The user can pass their own locally generated seed to the instance through cloud-init and the userdata
  4. Additional seed data can be assembled through the aNerd protocol
    • There's lots more to say about this one...I'll have another post on this soon!
As for improving the ongoing entropy gathering...
  1. Eventually, a new wave of cloud servers with modern CPUs will have Intel's DRNG feature and leverage the new rdrand instruction
    • Unfortunately, we're probably a little ways off from that being widely available
    • Colin King has benchmarked it -- really impressive performance!
  2. KVM's new virtio-rng driver is pretty cool too, allowing a server to pass through access to a hardware random number generator
  3. HAVEGE simply rocks, and should be installed in every cloud instance
  4. Gazzang's zTrustee encryption key manager also supports a secure, authenticated entropy service (as a commercial offering from my employer)

Enjoy!


:-Dustin

Printfriendly