Nothing Special   »   [go: up one dir, main page]

Skip to main content

A Study of Entropy Sources in Cloud Computers: Random Number Generation on Cloud Hosts

  • Conference paper
Computer Network Security (MMM-ACNS 2012)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 7531))

Abstract

Cloud computing hosts require a good source of cryptographically strong random numbers. Most of the standard security practices are based on assumptions that hold true for physical machines, but don’t translate immediately into the domain of virtualized machines. It is imperative to reconsider the well accepted security practices that were built around physical machines, and whether blind application of such practices results in the possibility of a data breach, machine control, or other vulnerabilities. Because of Cloud computers reliance on virtualization, access to the hardware based random number generator is restricted, and virtualization can have unforeseen effects on the operating system based random number generator. In this paper, the entropy pool poisoning attack is introduced and studied and a Cloud Entropy Management System is proposed. Extensive experimental study verified that there are measurable problems with entropy in Cloud instances, and the management system effectively solves them.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Jun, B., Kocher, P.: The Intel Random Number Generator, Cryptography Research Inc., white paper prepared for Inter Corp., (April 1999), http://www.cryptography.com/resources/whitepapers/IntelRNG.pdf

  2. Taylor, G., Cox, G.: Digital randomness. IEEE Spectrum 48 (September 2011)

    Google Scholar 

  3. Lian, G.: Testing Primitive Polynomials for Generalized Feedback Shift Register Random Number Generators, http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.89.318&rep=rep1&type=pdf

  4. Kelsey, J., Schneier, B., Ferguson, N.: Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, pp. 13–33. Springer, Heidelberg (2000), http://www.schneier.com/paper-yarrow.ps.gz

    Chapter  Google Scholar 

  5. Ferguson, N., Schneier, B.: Practical Cryptography, pp. 161–182. John Wiley & Sons (2003)

    Google Scholar 

  6. Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Cryptanalytic Attacks on Pseudorandom Number Generators. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 168–188. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  7. Gutterman, Z., Pinkas, B., Reinman, T.: Analysis of the linux random number generator. In: Proceedings of the 2006 IEEE Symposium on Security and Privacy. IEEE Computer Society (2006)

    Google Scholar 

  8. Mackall, M.: Linux Kernel Source 2.6.32.8 Random Character Driver, (/linux2.6.32.8/drivers/char/random.c in kernel source tree)

    Google Scholar 

  9. Beige, T.: Analysis of a strong Pseudo Random Number Generator by anatomizing Linux Random Number Device (November 2006), http://www.suse.de/~thomas/papers/random-analysis.pdf

  10. Duda, K., Cheriton, D.: Borrowed-Virtual-Time (BVT) scheduling: supporting latency-sensitive threads in a general-purpose scheduler. In: Proceedings of the 17th ACM Symposium on Operating Systems Principles, SOSP 1999 (December 1999)

    Google Scholar 

  11. “Earliest deadline first scheduling” Internet: http://en.wikipedia.org/wiki/Earliest_deadline_first_scheduling (December 4, 2010) [April 26, 2011]

  12. Mathai, J.: ”Scheduling - Xen Wiki” Internet: http://wiki.xensource.com/xenwiki/Scheduling (June 09, 2007) [ May 7, 2011]

  13. Park, S., Miller, K.: Random Number Generators: Good Ones Are Hard to Find. Communications of ACM 21(10) (October 1988)

    Google Scholar 

  14. LÈcuyer, P.: Efficient and Portable Combined Random Number Generators. Communications of the ACM 31(6), 742–774 (1988)

    Article  Google Scholar 

  15. Carstensen, C., Fine, B., Rosenberger, G.: Abstract Algebra - Applications to Galois Theory, Algebraic Geometry and Cryptography. Heldermann Verlag (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kerrigan, B., Chen, Y. (2012). A Study of Entropy Sources in Cloud Computers: Random Number Generation on Cloud Hosts. In: Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2012. Lecture Notes in Computer Science, vol 7531. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33704-8_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-33704-8_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33703-1

  • Online ISBN: 978-3-642-33704-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics