Entropy Problems For Linux In the Cloud

CalTrumpet writes "Our research group recently spoke at Black Hat USA on the topic of cloud computing security. One of the interesting outcomes of our research was the discovery that the combination of virtualization technologies and public system images results in a problem for random number generation on guest operating systems. This is especially true for Linux, since its PRNG uses only a small set of entropy-gathering events, and virtual Linux images often generate SSH host keys within seconds of their initial boot. The slides are available; the PRNG vulnerability material begins at slide 63."

Re:Here's a novel RNG

[turbidostato]

"The number of molecules in Cmdr Taco's nacho-warrior farts !! This can range from a few thousand on a mild day, to say 4 BILLION on a down and dirty day."

Sorry to point that out but you are understimating Cmdr Taco's farts by some orders of magnitude: it's more TRILLIONS (10^12) on a mild day up to a TRILLION OF TRILLIONS OF TRILLIONS (in the order of 10^24) on a funny day.

"I know, I know, and you don't want to know how I know."

I can sware I learn it on a book and nowhere else.