[ALUG] Entropy on virtual machines

Andreas Tauscher ta at geuka.net
Sun Dec 15 17:53:08 EAT 2013


On 15.12.2013 14:54, Howard Frederick wrote:
> That is really interesting - and worrying. So many websites are run as
> virtual machines (perhaps even a majority) - does that mean that their SSL
> keys may be seeded with the same data?

No, but the temporarily used keys have to be recreated. If there is not
enough randomness in the system, this takes longer.

With encrypted connections we have one problem: How do we exchange the keys?
So in the first stage an asymmetric encryption is used. Asymmetric means
I have a private key and a public key. With the public key I can encrypt
messages, but not decrypt any more. For this I need the private key.
Symmetric means both parties have the same key for encrypting/decrypting.

1. The server first sends its public key and a certificate.
2. The client verifies the certificate and the fingerprint of the public key.

This asymmetric encryption is not very performant, about 1000 times
slower than symmetric encryption, because the keys have to be longer. A
1024 bit asymmetric RSA key is equal to an 80 bit symmetric RSA key.
So now we switch to symmetric encryption with a shorter key which is
changed every few minutes. Usually the asymmetric key is 2048 bits long
or, nowadays more and more, 4096 bits long.

3. The client uses the public key to encrypt a random symmetric
encryption key and sends it to the server. (Here we already have a
problem: if my private key gets stolen, any communication can be easily
decrypted.)
4. The server decrypts the symmetric encryption key using its private
key and uses the symmetric key to decrypt the client requests.
5. The server sends back data that are encrypted with the symmetric key.

If it is a web server, then the client has the load of creating the
symmetric keys. But if you are running, for example, a mail server, it
has to create keys for every outgoing mail.
Now Diffie-Hellman key exchange is becoming more and more popular. The
benefit there is that the key is never transmitted, so even if my
private key becomes compromised, it is not possible for an attacker to
decrypt the data, because out of the information he can decrypt with my
stolen private key he cannot calculate the used symmetric key. But both
sides have the load of creating the secret key.

So a high entropy increases the throughput of a server.
Establishing the connections is faster.

On the machines I tested it on, key creation was sped up by 40%.

Andreas
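
The two key exchanges described in the message above, side by side, as an added example that is not part of the original post. The primes, the toy Diffie-Hellman group, the function names and the use of the long-term key to sign the server's Diffie-Hellman share are assumptions made for the illustration; the parameters are far too small for real use.

```python
import hashlib
import secrets

# Toy parameters constructed for this example; far too small for real use.
P1, P2 = 2**61 - 1, 2**89 - 1            # two Mersenne primes
N, E = P1 * P2, 65537                    # server's long-term RSA public key
D = pow(E, -1, (P1 - 1) * (P2 - 1))      # server's long-term RSA private key
DH_P, DH_G = 2**127 - 1, 3               # toy Diffie-Hellman group


def rsa_key_transport():
    """Steps 3-4 of the post: the client picks the key and encrypts it to the server."""
    session_key = secrets.randbelow(N - 2) + 2        # client-side randomness only
    wire = {"encrypted_key": pow(session_key, E, N)}  # all an eavesdropper records
    assert pow(wire["encrypted_key"], D, N) == session_key  # server's decryption
    return session_key, wire


def dh_key_agreement():
    """Ephemeral Diffie-Hellman: both sides draw a fresh secret per connection."""
    a = secrets.randbelow(DH_P - 3) + 2               # client ephemeral secret
    b = secrets.randbelow(DH_P - 3) + 2               # server ephemeral secret
    A, B = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    # Assumption: the long-term key only signs the server's share (authentication).
    digest = int.from_bytes(hashlib.sha256(str(B).encode()).digest(), "big") % N
    wire = {"A": A, "B": B, "sig": pow(digest, D, N)}
    assert pow(wire["sig"], E, N) == digest           # client verifies the signature
    client_key, server_key = pow(B, a, DH_P), pow(A, b, DH_P)
    assert client_key == server_key                   # same key, never transmitted
    return client_key, wire


def stolen_key_recovers(session_key, wire, stolen_d=D):
    """Model someone who recorded `wire` and later obtained the private key:
    apply the private-key operation to every recorded value and compare."""
    seen = set(wire.values())
    derived = {pow(v, stolen_d, N) for v in seen}
    return session_key in seen | derived


if __name__ == "__main__":
    for name, exchange in (("RSA key transport", rsa_key_transport),
                           ("ephemeral DH", dh_key_agreement)):
        key, wire = exchange()
        print(f"{name}: session key recoverable = {stolen_key_recovers(key, wire)}")
```

In the Diffie-Hellman case both `a` and `b` come from the operating system's random source on every connection, which is where the entropy supply of a virtual machine enters the picture.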

