{"title":"Performance Analysis of Linux RNG in Virtualized Environments","authors":"R. Kumari, Mohsen Alimomeni, R. Safavi-Naini","doi":"10.1145/2808425.2808434","DOIUrl":null,"url":null,"abstract":"We consider performance of Linux Random Number Generator(RNG) in virtualized environments and ask, (i) if the emulated hardware can provide sufficient entropy sources for the RNG and, (ii) if the RNG output of the host and the guest are isolated. These are important questions because insufficient entropy results in {\\em entropy starvation}, and the lack of isolation results in the host and the guest RNG output to be correlated. We give detailed comparison of the Linux RNGs that run on a host and a guest in different settings. Our results show that, as expected, hosts have higher entropy sources available and generate entropy at a higher rate (entropy bit per second). We also show that generating disk activity at high rate on the guest results in a significant flow of events from the guest to the host that could possibly be exploited by an adversary to find the output of the host RNG by controlling the guest.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cloud Computing Security Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2808425.2808434","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 7
Abstract
We consider the performance of the Linux Random Number Generator (RNG) in virtualized environments and ask (i) if the emulated hardware can provide sufficient entropy sources for the RNG and (ii) if the RNG outputs of the host and the guest are isolated. These are important questions because insufficient entropy results in entropy starvation, and the lack of isolation results in the host and guest RNG outputs being correlated. We give a detailed comparison of the Linux RNGs that run on a host and a guest in different settings. Our results show that, as expected, hosts have higher entropy sources available and generate entropy at a higher rate (entropy bits per second). We also show that generating disk activity at a high rate on the guest results in a significant flow of events from the guest to the host that could possibly be exploited by an adversary to find the output of the host RNG by controlling the guest.