VirtEntropyProvision
Virtual Machine Entropy Provision
In a bare metal system, an operating system kernel has a number of sources for collecting seed data for their entropy pools eg disks, NICs, mouse movement, interrupts, and more. Most, if not all, of these sources are unavailable to virtual machines, either because they lack the hardware entirely (eg headless with no mouse), or the hardware does not provide satisfactory entropy (virtualized NICs/disk). The result is that virtual machines often have difficulty providing enough entropy to processes they run, especially crypto functions which require entropy from /dev/random rather than /dev/urandom.
The goal of this document is to examine how OpenStack Nova can provide further data to guest operating systems that is suitable for seeding their random entropy pool.
Sources of entropy
Beyond the traditional schemes a Linux kernel uses, there are a number of possible sources of entropy
CPU RNGs
With the IvyBridge line of processors, Intel introduced an on-chip random number generator, accessible via a new RDRAND instruction
The Linux kernel is able to use this instruction to feed its /dev/urandom pool, but will not use it for /dev/random.
The rng-utils package contains the rngd daemon which is also able to make use of this instruction, and after cryptographically validating the quality random numbers, will populate the kernels random pool, making entropy available via /dev/random.
The RDRAND instruction is capable of providing as much as 800 GBytes/second of random data.
TPM RNGs
Trusted Platform Module chips, which are common on many hardware platforms, typically provide an hardware random number generator. On Linux these can be accessed via /dev/tpm device nodes.
The rng-utils package rngd daemon can again obtain data from the TPM RNGs to re-populate the kernel's random pool, making entropy available via /dev/random
Data rates available vary according to the precise hardware in use, so no clear figures are available
Dedicated Hardware RNG devices
There exist various options for external / addon hardware RNG generators. For example, the EntropyKey is a low cost USB based hardware RNG
It comes with software that will feed the random numbers into the kernel's random pool making entropy available via /dev/random
Software entropy gathering
It is possible to provide userspace software packages which gather further entropy based on activity in the OS and feed it into the kernel's random pool. One example is EGD:
The protocol defined by EGD is also implemented by a number of other programs, for compatibility. eg ssh, gpg, qemu.
Another software solution is CSRNG