I was wondering what solutions others use for maintaining high entropy in the cloud.
I've run into a number of issues when generating keys and other situations where entropy takes a big hit...which then leads to whatever program is trying to generate something random hanging for a while until there is enough entropy to continue.
Most entropy generation tools are based on hardware metrics of some sort [keyboard, mouse, even reading the noise on a wi-fi or sound card], but of course these are lacking in the cloud.
I ended up installing rng-tools and configuring it to use /dev/urandom, which basically means, as I understand it, that it takes the small amount of random data already collected, and merely duplicates it or uses it to generate more random data.
I was wondering if maybe there was some better way of doing this.... it seems the only really good way would be to install a hardware based entropy generating tool on a local system with wireless and soundcard installed, and then using that to generate a truly large amount of randomness and feed that up to amazon - either by running an entropy server on the local system or feeding it into simpledb to be pulled by the servers as needed.
> generate a truly large amount of randomness and feed that up to amazon
A fun way to do this would be sneakernet:
1. Use e.g., a Quantis RNG from http://www.idquantique.com/, generate a TB or so of random bytes onto an external HD. (If I did the math right, a terabyte takes 6 days at 16Mbps.)
2. Ship external HD to AWS Import for transfer to S3.
3. Use an EC2 server to feed entropy from S3 to other EC2 servers.
Would make a fun community project (or maybe a small business).
>> generate a truly large amount of randomness and feed that up to amazon
> A fun way to do this would be sneakernet:
Oh my... that had me thinking of something else entirely. Crowdsourcing random generation by using some sort of iphone/android applet that calculates changes in GPS position into data and keeps streaming it.
Install that onto a few thousand cell phones and just keep combining the streams together.
> Oh my... that had me thinking of something else entirely. Crowdsourcing
> random generation by using some sort of iphone/android applet that
> calculates changes in GPS position into data and keeps streaming it.
Wow, cool!
Not to mention accelerometers, compasses, barometers, light sensors, maybe even a hash of what the camera's seeing...
>> Oh my... that had me thinking of something else entirely. Crowdsourcing
>> random generation by using some sort of iphone/android applet that
>> calculates changes in GPS position into data and keeps streaming it.
> Wow, cool!
> Not to mention accelerometers, compasses, barometers, light sensors,
> maybe even a hash of what the camera's seeing...
> Pete
All fun, but it fails to mention if (why?) this source of entropy would be better than say thermal noise, photoelectric effect or other quantum phenomena. These processes are, in theory, completely unpredictable. So it would be
- a lot cheaper
- a lot more secure (!!!)
- a lot less fun...
> Ok, this conversation just got seriously interesting... You guys want > to make this happen?
I'm interested. I'm actually even more interested in how we'd harness something like Twitter as an entropy source.
Of course, as sgheeren says, quantum noise is cheaper and more secure -- just less fun. :-)
I see two interesting challenges:
1) How do you extract good (i.e., close to random) entropy from something that's chaotic, but not random?
2) How do you broker good (i.e., secure) entropy from a public (Twitter) or not-necessarily-trustable (aggregated crowdsource) chaos aggregator to multiple users?
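One common way to approach the two questions above, as an added example that is not part of the thread: compress the chaotic samples through a hash, then key an HMAC with locally generated randomness so that a block the broker knows or chose cannot determine the output by itself. The function names, the `remote-entropy-v1` label and the GPS-delta samples are constructed for illustration.

```python
import hashlib
import hmac
import math
import os
from collections import Counter

# Constructed sample input: GPS position deltas as a phone app might report them.
SAMPLE_DELTAS = [b"+0.00012,-0.00031", b"+0.00009,-0.00027",
                 b"+0.00012,-0.00031", b"-0.00004,+0.00018"]

def min_entropy_bits(samples):
    """Most-common-value estimate of min-entropy per sample, in bits.

    Optimistic: it treats samples as independent, which chaotic
    sensor data usually is not, so use it to reject bad sources only.
    """
    counts = Counter(samples)
    p_max = max(counts.values()) / len(samples)
    return -math.log2(p_max)

def condition(samples):
    """Challenge 1: compress many low-entropy samples into one 32-byte block."""
    h = hashlib.sha256()
    for s in samples:
        h.update(len(s).to_bytes(4, "big"))  # length prefix keeps framing unambiguous
        h.update(s)
    return h.digest()

def mix(local_seed, remote_block):
    """Challenge 2: combine an untrusted remote block with a local secret.

    The local seed is the HMAC key, so someone who knows or picked
    remote_block still cannot compute the output without the seed.
    """
    msg = b"remote-entropy-v1" + remote_block  # assumed domain-separation label
    return hmac.new(local_seed, msg, hashlib.sha256).digest()

def fresh_seed(remote_samples):
    """Seed material that is no weaker than the kernel's own os.urandom()."""
    return mix(os.urandom(32), condition(remote_samples))

if __name__ == "__main__":
    print("estimated bits/sample:", min_entropy_bits(SAMPLE_DELTAS))
    print("conditioned block:", condition(SAMPLE_DELTAS).hex())
    print("mixed seed:", fresh_seed(SAMPLE_DELTAS).hex())
```

The remote block can only add unpredictability here; the output's secrecy against the broker still rests entirely on the local seed.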