[dm-crypt] General question: Encrypytion on virtual servers (VPS/Vserver)
arno at wagner.name
Tue Feb 21 19:14:54 CET 2017
On Tue, Feb 21, 2017 at 17:33:54 CET, Daniel P. Berrange wrote:
> On Tue, Feb 21, 2017 at 05:21:24PM +0100, Arno Wagner wrote:
> > On Tue, Feb 21, 2017 at 14:58:07 CET, Daniel P. Berrange wrote:
> > > On Tue, Feb 21, 2017 at 02:42:51PM +0100, michaelof at rocketmail.com wrote:
> > [...]
> > > If the attacker has access to the physical host while your VM is running,
> > > then (with current hardware) there is essentially nothing you can do to
> > > prevent a skilled person getting your master key out of VM memory. AMD
> > > recently announced a memory encryption feature that might make it possible
> > > to protect guest keys from a host attacker, but its still very early days
> > > in its developement & integration into virtualization technology, so a very
> > > long way off being available in any public hosting provider.
> > I think this is more about proteching VMs from each other than
> > from the Hypervisor, think memory deduplication, copy-on-write
> > and caches that leak information from one VM to another.
> Protecting the VM from the host is very much in scope of what AMD
> is aiming to achieve with its SEV technology & KVM. The impl it
> isn't there yet, but it is one of the intended targets.
Well, _marketing_ may have put it in scope, but I very much
doubt they can do it (because it is basically infeasible
without taking control of the CPU away from its owner) and
I expect AMD _engineering_ knows that.
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
A good decision is based on knowledge and not on numbers. -- Plato
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier
More information about the dm-crypt