How VMware ensures that SSH keys and other security tokens are generated with enough randomization to provide strong encryption
Article ID: 343249
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
In virtual machines in both cloud and non-cloud computing systems, SSH keys and other security tokens are generated by numbers that are sufficiently random and in which there is enough entropy in a virtual machine to ensure that a guest operating system is always able to produce as many cryptographically strong random numbers as may be needed for proper data encryption and SSH key and token generation.
Traditionally, computer systems generate random numbers based on the entropy inherently present in physical processes such as disk seek times, keyboard events (keystrokes), inter-arrival times for aperiodic interrupts, and so on. In a virtual machine, these timings are affected by the software virtualization layer (the virtual machine monitor) because virtual machines have virtualized devices (disks, NICs, and so on) and receive virtualized interrupts.
Although the software virtualization layer is not an external physical process, the timings of actions such as reads from a virtualized disk include a component determined by a physical process because a read ultimately triggers an interaction with an external physical source.
For example, reads to an NFS disk go over a physical network to a physical disk while reads to a disk in the cloud go over the network to the cloud and then to a physical disk. In this way, inter-arrival timings on disks and other virtualized devices retain a timing element external to the virtual machine and external to the software of the virtual machine monitor.
VMware has used National Institute of Standards and Technology (NIST) testing to evaluate the quality of the random numbers used internally by the vSphere ESXi hypervisor. The tests have concluded that the quality of entropy in virtual environments is similar to the entropy into physical environments. This is sufficient for SSL key generation and the ESXi host did not report any issues.
VMware has also run the NIST tests to measure the quality of entropy in a Linux virtual machine on a system running ESXi 5.1. The testing used CentOS 5.2 64-bit, the NIST Statistical Test Suite (STS) version 2.1.1. The STS data set was 300 MiB which it acquired from CentOS /dev/urandom. The STS testing parameter stream length was set to 1000000 and bitstreams were set to 1000.
The testing was run on both an unloaded and a heavily loaded ESXi system. The heavily loaded ESXi system workload used disk I/O and network I/O. Test results concluded that the quality of entropy was sufficient is cryptographic applications such as SSL key generation.
Traditionally, computer systems generate random numbers based on the entropy inherently present in physical processes such as disk seek times, keyboard events (keystrokes), inter-arrival times for aperiodic interrupts, and so on. In a virtual machine, these timings are affected by the software virtualization layer (the virtual machine monitor) because virtual machines have virtualized devices (disks, NICs, and so on) and receive virtualized interrupts.
Although the software virtualization layer is not an external physical process, the timings of actions such as reads from a virtualized disk include a component determined by a physical process because a read ultimately triggers an interaction with an external physical source.
For example, reads to an NFS disk go over a physical network to a physical disk while reads to a disk in the cloud go over the network to the cloud and then to a physical disk. In this way, inter-arrival timings on disks and other virtualized devices retain a timing element external to the virtual machine and external to the software of the virtual machine monitor.
VMware has used National Institute of Standards and Technology (NIST) testing to evaluate the quality of the random numbers used internally by the vSphere ESXi hypervisor. The tests have concluded that the quality of entropy in virtual environments is similar to the entropy into physical environments. This is sufficient for SSL key generation and the ESXi host did not report any issues.
VMware has also run the NIST tests to measure the quality of entropy in a Linux virtual machine on a system running ESXi 5.1. The testing used CentOS 5.2 64-bit, the NIST Statistical Test Suite (STS) version 2.1.1. The STS data set was 300 MiB which it acquired from CentOS /dev/urandom. The STS testing parameter stream length was set to 1000000 and bitstreams were set to 1000.
The testing was run on both an unloaded and a heavily loaded ESXi system. The heavily loaded ESXi system workload used disk I/O and network I/O. Test results concluded that the quality of entropy was sufficient is cryptographic applications such as SSL key generation.
Environment
VMware vSphere ESXi 6.0
VMware vSphere ESXi 6.7
VMware vSphere ESXi 5.1
VMware vSphere ESXi 5.5
VMware vSphere ESXi 5.0
VMware vSphere ESXi 6.5
VMware vSphere ESXi 6.7
VMware vSphere ESXi 5.1
VMware vSphere ESXi 5.5
VMware vSphere ESXi 5.0
VMware vSphere ESXi 6.5
Resolution
This material is presented for information only. No solution is required.
Feedback
Yes
No
Powered by
