If the desired outcome is security you must generate instance unique keys and elegant software design alone is simply not enough to achieve that.
And I didn't say solve below, I said mitigate. You can't solve the problem of someone using already created keys in multiple VMs. But you can and should reduce the chances that someone will create them from a fresh keygen because that simply can't be mitigated anywhere else but in your code. Similar issues exist with fork(), and again, you should make efforts to mitigate that risk because the user can't.

Magic fairy dust like (/dev/hwrng) undoubtedly helps where it exists, but you still have to apply it correctly to achieve the desired outcome.

Peter

From: John Denker via openssl-dev <openssl-dev@openssl.org>
To: "openssl-dev@openssl.org" <openssl-dev@openssl.org>
Date: 28/06/2017 12:19
Subject: Re: [openssl-dev] Work on a new RNG for OpenSSL
Sent by: "openssl-dev" <openssl-dev-boun...@openssl.org>

On 06/27/2017 06:41 PM, Peter Waltenberg wrote:

> Consider most of the world's compute is now done on VMs where images are
> cloned, duplicated and restarted as a matter of course. Not vastly
> different from an embedded system where the clock powers up as 00:00
> 1-Jan, 1970 on each image. If you can trust the OS to come up with unique
> state each time you can rely solely on the OS RNG - well provided you
> reseed often enough anyway, i.e. before key generation. That's also why
> seeding a chain of PRNGs once at startup is probably not sufficient here.

That is approximately the last thing openssl should be fussing over. There is a set of problems there, with a set of solutions, none of which openssl has any say over.

===> The VM setup should provide a virtual /dev/hwrng <===

Trying to secure a virtual machine without a virtual hwrng (or the equivalent) is next to impossible. There may be workarounds, but they tend to be exceedingly locale-specific, and teaching openssl to try to discover them would be a tremendous waste of resources.

So stop trying to operate without /dev/hwrng already.

It reminds me of the old Smith & Dale shtick:

  -- Doctor, doctor, it hurts when I do *this*.
  -- So don't do that.

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
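An added example (not code from this thread or from OpenSSL) of the point about reseeding before key generation: fork() stands in for a cloned VM image, since both duplicate generator state byte for byte. The toy generator and the names `os_entropy`, `keygen` and `fork_keys_collide` are assumptions, and the code expects a POSIX system with /dev/urandom.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

static int os_entropy(void *buf, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got = f ? fread(buf, 1, n, f) : 0;
    if (f) fclose(f);
    return got == n ? 0 : -1;
}

/* Toy generator (one LCG step), NOT a real DRBG: it only carries state. */
static uint64_t rng_next(uint64_t *s) {
    *s = *s * 6364136223846793005ULL + 1442695040888963407ULL;
    return *s ^ (*s >> 33);
}

/* Hypothetical keygen: optionally mix in fresh OS entropy first; fail closed. */
int keygen(uint64_t *s, uint64_t *key, int reseed_first) {
    uint64_t fresh = 0;
    if (reseed_first && os_entropy(&fresh, sizeof fresh) != 0) return -1;
    *s ^= fresh;
    *key = rng_next(s);
    return 0;
}

/* Returns 1 if parent and child derive the same key, 0 if not, -1 on error. */
int fork_keys_collide(int reseed_first) {
    uint64_t s = 0x1234, kp = 0, kc = 0;  /* s: constructed "seeded once" state */
    int fd[2];
    pid_t pid = pipe(fd) == 0 ? fork() : -1;
    if (pid < 0) return -1;
    if (pid == 0) {  /* child starts with a byte-for-byte copy of s */
        int ok = keygen(&s, &kc, reseed_first) == 0;
        _exit(ok && write(fd[1], &kc, sizeof kc) == (ssize_t)sizeof kc ? 0 : 1);
    }
    close(fd[1]);
    ssize_t n = read(fd[0], &kc, sizeof kc);
    close(fd[0]);
    waitpid(pid, NULL, 0);
    if (n != (ssize_t)sizeof kc || keygen(&s, &kp, reseed_first) != 0) return -1;
    return kp == kc;
}

int main(void) {
    printf("seeded once:          collide=%d\n", fork_keys_collide(0));
    printf("reseed before keygen: collide=%d\n", fork_keys_collide(1));
    return 0;
}
```

The reseed only separates the two copies if the OS source itself returns different bytes to each, which is the part of the argument that the virtual hwrng addresses.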