[Whonix-devel] Efficacy of jitterentropy RNG on qemu-kvm Guests
procmem
procmem at riseup.net
Fri Aug 10 22:33:00 CEST 2018
Hello. I'm a distro maintainer and was wondering about the efficacy of
entropy daemons like haveged and jitterentropyd in qemu-kvm. One of the
authors of haveged [0] pointed out if the hardware cycles counter is
emulated and deterministic, and thus predictible. He therefore does not
recommend using HAVEGE on those systems. Is this the case with KVM's
counters?
PS. I will be setting VM CPU settings to host-passthrough.
Bonus: Also if anyone knows the answer to this question about Xen please
let me know because its the other main platform we support and they
don't have the luxury of virtio-rng in PVH mode.
Thanks.
[0]
https://github.com/BetterCrypto/Applied-Crypto-Hardening/commit/cf7cef7a870c1b77089b1bd6209ded6525b5a4e0#commitcomment-23006392
More information about the Whonix-devel
mailing list