[149327] in cryptography@c2.net mail archive


Re: [Cryptography] cheap sources of entropy

daemon@ATHENA.MIT.EDU (John Kelsey)
Mon Feb 3 12:23:32 2014

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <201402030334.s133YlFT009166@new.toad.com>
From: John Kelsey <crypto.jmk@gmail.com>
Date: Mon, 3 Feb 2014 12:14:30 -0500
To: John Gilmore <gnu@toad.com>
Cc: Jerry Leichter <leichter@lrw.com>,
	"cryptography@metzdowd.com" <cryptography@metzdowd.com>,
	Bill Stewart <bill.stewart@pobox.com>,
	"James A. Donald" <Jamesd@echeque.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Feb 2, 2014, at 10:34 PM, John Gilmore <gnu@toad.com> wrote:
> 
> So, if an attacker running malware in a hypervisor (or SMM) knew you
> were depending on disk drive timings for the random numbers that
> create your encryption keys, how easily could they attack you by
> rigidizing those interrupt timings, e.g. delaying your virtual machine
> interrupts to the next even 1/60th of a second?

Maybe this is just my lack of understanding coming out, but I'm having a hard time seeing how any crypto code is going to remain secure if the hypervisor controlling the VM it's running on is under an attacker's control.  

>    John

--John 
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
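The question quoted above (a hypervisor holding every interrupt until the next 1/60 s boundary) is easy to quantify with a health test of the kind an entropy source should run on its own raw samples. The script below is an added example, not part of the thread and not anyone's production code: it builds constructed disk-interrupt timestamps with synthetic jitter, takes the low byte of each inter-arrival delta as the raw noise sample, and reports a most-common-value min-entropy estimate before and after the timestamps are rounded up to a hypothetical 1/60 s tick. The estimator is a simplified form of the MCV estimator from NIST SP 800-90B (no confidence bound), and the 8 ms service time, 2 ms jitter and 8-bit sample width are assumptions chosen for the demonstration.

```python
"""Added example (not from the thread): how interrupt-timing entropy
collapses when a hypervisor quantizes interrupt delivery to 1/60 s.

Everything here is constructed: the timestamps are synthetic, and the
entropy figure is the plain most-common-value estimate, a simplified
form of the MCV estimator in NIST SP 800-90B (no confidence bound)."""
import math
import random
from collections import Counter

TICK_US = 1_000_000 // 60     # 1/60 s in microseconds (hypothetical timer)
SAMPLE_BITS = 8               # keep only the low byte of each delta


def synthetic_timestamps(n, seed=1, base_us=8000, jitter_us=2000):
    """Constructed disk-interrupt completion times: ~8 ms per request
    plus uniform jitter (a stand-in for real, unobservable seek jitter)."""
    rng = random.Random(seed)
    t, out = 0, []
    for _ in range(n):
        t += base_us + rng.randint(0, jitter_us)
        out.append(t)
    return out


def rigidize(timestamps, tick_us=TICK_US):
    """Model the scenario in the quoted question: every interrupt is held
    until the next tick boundary, so delivery times become multiples
    of the tick."""
    return [math.ceil(t / tick_us) * tick_us for t in timestamps]


def timing_samples(timestamps, bits=SAMPLE_BITS):
    """Turn timestamps into the raw noise samples a driver would feed a
    pool: the low bits of the inter-arrival deltas."""
    mask = (1 << bits) - 1
    return [(b - a) & mask for a, b in zip(timestamps, timestamps[1:])]


def min_entropy_mcv(samples):
    """Most-common-value min-entropy estimate in bits per sample:
    -log2(p_max). Zero means a single value dominates completely."""
    counts = Counter(samples)
    p_max = max(counts.values()) / len(samples)
    return -math.log2(p_max)


def compare(n=5000, seed=1):
    """Return (bits per sample with jitter, bits per sample rigidized)."""
    ts = synthetic_timestamps(n, seed)
    before = min_entropy_mcv(timing_samples(ts))
    after = min_entropy_mcv(timing_samples(rigidize(ts)))
    return before, after


if __name__ == "__main__":
    before, after = compare()
    print(f"min-entropy per sample: jittered={before:.2f} bits, "
          f"rigidized={after:.2f} bits")
```

With the assumed parameters the jittered samples estimate at roughly seven bits per byte, while the rigidized samples take only two distinct values (a delta of zero or of exactly one tick), so the estimate cannot exceed one bit and the pool is being credited with entropy it does not have. That is the argument for running an on-line estimator or repetition test on raw samples rather than assuming a fixed per-interrupt credit, independent of whether the hypervisor itself is trusted.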
