CS 241 Honors Nothing is Ever Random

Similar documents
CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

CSC 5930/9010 Cloud S & P: Virtualization

Virtualization. Pradipta De

Module 1: Virtualization. Types of Interfaces

CSC 580 Cryptography and Computer Security

Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

CSCE 410/611: Virtualization

Virtualization. Virtualization

Lecture 5: February 3

ECE 331 Hardware Organization and Design. UMass ECE Discussion 11 4/12/2018

Virtualization and memory hierarchy

Virtualization. Dr. Yingwu Zhu

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

1 Virtualization Recap

Virtualization (II) SPD Course 17/03/2010 Massimo Coppola

references Virtualization services Topics Virtualization

CSCE 410/611: Virtualization!

Chapter 5 C. Virtual machines

CHAPTER 16 - VIRTUAL MACHINES

CLOUD COMPUTING IT0530. G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University

CHAPTER 16 - VIRTUAL MACHINES

OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

24-vm.txt Mon Nov 21 22:13: Notes on Virtual Machines , Fall 2011 Carnegie Mellon University Randal E. Bryant.

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

Xen VGA passthrough. 1.1 VGA passthrough. 1 Introduction. 2 Xen architecture. 2.1 Structure

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

Virtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018

Learning Outcomes. Extended OS. Observations Operating systems provide well defined interfaces. Virtual Machines. Interface Levels

/dev/random and Your FIPS Validation Can Be Friends

LINUX Virtualization. Running other code under LINUX

ICMC 2017 Washington DC

Principles of Operating Systems CS 446/646

Administrative Details. CS 140 Final Review Session. Pre-Midterm. Plan For Today. Disks + I/O. Pre-Midterm, cont.

CSE 120 Principles of Operating Systems

Björn Döbel. Microkernel-Based Operating Systems. Exercise 3: Virtualization

UNIT 9A Randomness in Computation: Random Number Generators Principles of Computing, Carnegie Mellon University - CORTINA

Dan Noé University of New Hampshire / VeloBit

CSCI 8530 Advanced Operating Systems. Part 19 Virtualization

Chapter 5 B. Large and Fast: Exploiting Memory Hierarchy

UNIT 9A Randomness in Computation: Random Number Generators

Xen and the Art of Virtualization

Virtualization Introduction

Virtualization. Michael Tsai 2018/4/16

Lecture 5. KVM for ARM. Christoffer Dall and Jason Nieh. 5 November, Operating Systems Practical. OSP Lecture 5, KVM for ARM 1/42

Virtual machines (e.g., VMware)

VM Migration, Containers (Lecture 12, cs262a)

Background: Operating Systems

Information Security CS526

Porting bhyve on ARM. Mihai Carabas, Peter Grehan BSDCan 2016 University of Ottawa Ottawa, Canada June 10 11, 2016

Virtual Machine Security

Multiprocessor Systems Continuous need for faster computers Multiprocessors: shared memory model, access time nanosec (ns) Multicomputers: message pas

64-bit ARM Unikernels on ukvm

Virtual Virtual Memory

Operating Systems, Fall Lecture 9, Tiina Niklander 1

Cloud & container monitoring , Lars Michelsen Check_MK Conference #4

Introduction to Concurrency (Processes, Threads, Interrupts, etc.)

Advanced Operating Systems (CS 202) Virtualization

I/O and virtualization

CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II

CIS Operating Systems CPU Mode. Professor Qiang Zeng Spring 2018

Analysis of Inherent Randomness of the Linux kernel

Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

Distributed Systems COMP 212. Lecture 18 Othon Michail

Introduction to Cloud Computing and Virtualization. Mayank Mishra Sujesha Sudevalayam PhD Students CSE, IIT Bombay

Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

Docker und IBM Digital Experience in Docker Container


VIRTUALIZATION: IBM VM/370 AND XEN

Monte Carlo Simulations

HOWTO: A Simple Random Number Generator for the ATmega1280 Microcontroller under C and TinyOS

Jan 20, 2005 Lecture 2: Multiprogramming OS

Overview of System Virtualization: The most powerful platform for program analysis and system security. Zhiqiang Lin

The Future of Virtualization

16 Sharing Main Memory Segmentation and Paging

CS 241 Honors Memory

CS 261 Fall Mike Lam, Professor. Virtual Memory

Wheel of Fortune ANALYZING EMBEDDED OS (CS)PRNGS JOS WETZELS ALI ABBASI

Background. IBM sold expensive mainframes to large organiza<ons. Monitor sits between one or more OSes and HW

Crypto: Passwords and RNGs. CS 642 Guest Lecturer: Adam Everspaugh

OPERATING SYSTEMS Chapter 13 Virtual Machines. CS3502 Spring 2017

CS370 Operating Systems

Hypervisor security. Evgeny Yakovlev, DEFCON NN, 2017

COS 318: Operating Systems. Virtual Machine Monitors

Xen and the Art of Virtualization. Nikola Gvozdiev Georgian Mihaila

Pseudorandom Number Generation

Secure Partitioning (s-par) for Enterprise-Class Consolidation

OPS-9: Fun With Virtualization. John Harlow. John Harlow. About John Harlow

CS5460: Operating Systems. Lecture: Virtualization. Anton Burtsev March, 2013

Operating system hardening

T Jarkko Turkulainen, F-Secure Corporation

A Survey on Virtualization Technologies

Meltdown and Spectre - understanding and mitigating the threats (Part Deux)

UNIT 9A Randomness in Computa5on: Random Number Generators. Randomness in Compu5ng

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names

Operating System Overview

INNOV-4: Fun With Virtualization. Or, How I learned to love computers that don t really exist...

Transcription:

CS 241 Honors Nothing is Ever Random Kevin Hong University of Illinois Urbana-Champaign Feburary 13, 2018 Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 1 / 11

Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 2 / 11

What is randomness? From Wikipedia: Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 3 / 11

What is randomness? From Wikipedia: Randomness is the lack of pattern or predictability in events. Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 3 / 11

What is randomness? From Wikipedia: Randomness is the lack of pattern or predictability in events. A random sequence of events, symbols or steps has no order and does not follow an intelligible pattern or combination. Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 3 / 11

Why do we care? Random numbers are integral to tons of algorithms Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 4 / 11

Why do we care? Random numbers are integral to tons of algorithms Monte Carlo Methods Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 4 / 11

Why do we care? Random numbers are integral to tons of algorithms Monte Carlo Methods Quicksearch Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 4 / 11

Why do we care? Random numbers are integral to tons of algorithms Monte Carlo Methods Quicksearch If you re interested in randomized algorithms, take CS 473! Luck in games, etc Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 4 / 11

Based PRNG So we need to generate random numbers? Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 5 / 11

Based PRNG So we need to generate random numbers? Methods Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 5 / 11

Based PRNG So we need to generate random numbers? Methods Pseudorandom Number Generators (PRNG) Deterministic algorithm for generating a sequence of numbers Relies on a random seed Approximates random numbers well CSPRNG Fast, deterministic, periodic Mersenne Twister, xorshift Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 5 / 11

Based TRNG True Random Number Generators (TRNG) Rely on unpredictable physical phenomena Atmospheric noise, radioactive decay Slow, nondeterministic, non-periodic random.org Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 6 / 11

Randomness in a computer In every laptop...there lives a die... Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 7 / 11

Randomness in a computer In every laptop...there lives a die... That die is /dev/random and /dev/urandom Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 7 / 11

Randomness in a computer In every laptop...there lives a die... That die is /dev/random and /dev/urandom Entropy Pool Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 7 / 11

Randomness in a computer In every laptop...there lives a die... That die is /dev/random and /dev/urandom Entropy Pool Your computer grabs physical specs, keyboard input, mouse movements as entropy Supposedly random bits Keep an estimate of the number of unknown bits Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 7 / 11

Yo dawg...i heard you like randomness So you want x amount of bits? Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 8 / 11

Yo dawg...i heard you like randomness So you want x amount of bits? Pull x number of bits from your entropy pool Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 8 / 11

Yo dawg...i heard you like randomness So you want x amount of bits? Pull x number of bits from your entropy pool Hash it using any good hashing algorithm Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 8 / 11

Yo dawg...i heard you like randomness So you want x amount of bits? Pull x number of bits from your entropy pool Hash it using any good hashing algorithm Enjoy your new random number/ Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 8 / 11

Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 9 / 11

/dev/random? /dev/urandom? You may notice there s a difference Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 10 / 11

/dev/random? /dev/urandom? You may notice there s a difference Random vs unlimited random Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 10 / 11

/dev/random? /dev/urandom? You may notice there s a difference Random vs unlimited random Do you need unlimited random? Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 10 / 11

Further Topics Cryptography and CS461 Randomized Algorithms in CS473 and 498/598 Kevin Hong (UIUC) Randomness and Entropy Feburary 13, 2018 11 / 11

CS 241 Honors The cake CPU is a lie Aneesh Durg University of Illinois Urbana-Champaign February 13, 2018 Aneesh Durg (UIUC) Virtualization February 13, 2018 1 / 14

I think there is a world market for maybe five computers. - Thomas Watson You probably have 5 computers on your right now. Aneesh Durg (UIUC) Virtualization February 13, 2018 2 / 14

I think there is a world market for maybe five computers. - Thomas Watson You probably have 5 computers on your right now. Problem: Modern world demands high computing powers Aneesh Durg (UIUC) Virtualization February 13, 2018 2 / 14

I think there is a world market for maybe five computers. - Thomas Watson You probably have 5 computers on your right now. Problem: Modern world demands high computing powers Servers handling many users Enterprise software Crysis 3 Aneesh Durg (UIUC) Virtualization February 13, 2018 2 / 14

I think there is a world market for maybe five computers. - Thomas Watson You probably have 5 computers on your right now. Problem: Modern world demands high computing powers Servers handling many users Enterprise software Crysis 3 Solution: Virtual Machines! Aneesh Durg (UIUC) Virtualization February 13, 2018 2 / 14

I think there is a world market for maybe five computers. - Thomas Watson You probably have 5 computers on your right now. Problem: Modern world demands high computing powers Servers handling many users Enterprise software Crysis 3 Solution: Virtual Machines! Legacy Apps! Aneesh Durg (UIUC) Virtualization February 13, 2018 2 / 14

I think there is a world market for maybe five computers. - Thomas Watson You probably have 5 computers on your right now. Problem: Modern world demands high computing powers Servers handling many users Enterprise software Crysis 3 Solution: Virtual Machines! Legacy Apps! What if we had more power than we need? Aneesh Durg (UIUC) Virtualization February 13, 2018 2 / 14

I think there is a world market for maybe five computers. - Thomas Watson You probably have 5 computers on your right now. Problem: Modern world demands high computing powers Servers handling many users Enterprise software Crysis 3 Solution: Virtual Machines! Legacy Apps! What if we had more power than we need? Offers isolation! Aneesh Durg (UIUC) Virtualization February 13, 2018 2 / 14

Challenges What are sensitive instructions? Aneesh Durg (UIUC) Virtualization February 13, 2018 3 / 14

Challenges What are sensitive instructions? All instructions are equal, but some are more equal than others Requires elevated privilages to execute - can t have everybody breaking the system all the time Aneesh Durg (UIUC) Virtualization February 13, 2018 3 / 14

Challenges What are sensitive instructions? All instructions are equal, but some are more equal than others Requires elevated privilages to execute - can t have everybody breaking the system all the time Trap is not just a kind of music Aneesh Durg (UIUC) Virtualization February 13, 2018 3 / 14

Challenges What are sensitive instructions? All instructions are equal, but some are more equal than others Requires elevated privilages to execute - can t have everybody breaking the system all the time Trap is not just a kind of music trap the kernel and execute the instruction there Aneesh Durg (UIUC) Virtualization February 13, 2018 3 / 14

Challenges What are sensitive instructions? All instructions are equal, but some are more equal than others Requires elevated privilages to execute - can t have everybody breaking the system all the time Trap is not just a kind of music trap the kernel and execute the instruction there e.g. direct access to hardware, enable/disable interrupts, etc. Aneesh Durg (UIUC) Virtualization February 13, 2018 3 / 14

History time! Problem: What happens if a user tries to execute privilaged instructions Aneesh Durg (UIUC) Virtualization February 13, 2018 4 / 14

History time! Problem: What happens if a user tries to execute privilaged instructions You d hope it traps to kernel Aneesh Durg (UIUC) Virtualization February 13, 2018 4 / 14

History time! Problem: What happens if a user tries to execute privilaged instructions You d hope it traps to kernel Intel disagrees. Aneesh Durg (UIUC) Virtualization February 13, 2018 4 / 14

History time! Problem: What happens if a user tries to execute privilaged instructions You d hope it traps to kernel Intel disagrees. Solution: Lol just silently ignore those pesky users Aneesh Durg (UIUC) Virtualization February 13, 2018 4 / 14

History time! Problem: What happens if a user tries to execute privilaged instructions You d hope it traps to kernel Intel disagrees. Solution: Lol just silently ignore those pesky users Problem: Some architechtures/oses check have instructions that can do some sensitive instructions Aneesh Durg (UIUC) Virtualization February 13, 2018 4 / 14

History time! Problem: What happens if a user tries to execute privilaged instructions You d hope it traps to kernel Intel disagrees. Solution: Lol just silently ignore those pesky users Problem: Some architechtures/oses check have instructions that can do some sensitive instructions Different behavior when executed by user vs. kernel Aneesh Durg (UIUC) Virtualization February 13, 2018 4 / 14

History time! Why do we care? Aneesh Durg (UIUC) Virtualization February 13, 2018 5 / 14

History time! Why do we care? This makes virtualization more confusing... Aneesh Durg (UIUC) Virtualization February 13, 2018 5 / 14

History time! Why do we care? This makes virtualization more confusing... What if the OS is in user mode? Aneesh Durg (UIUC) Virtualization February 13, 2018 5 / 14

10 kinds of people in this world... Let s build a hypervisor! Aneesh Durg (UIUC) Virtualization February 13, 2018 6 / 14

10 kinds of people in this world... Let s build a hypervisor! Smaller than a kernel Aneesh Durg (UIUC) Virtualization February 13, 2018 6 / 14

10 kinds of people in this world... Let s build a hypervisor! Smaller than a kernel Allows us to virtualize hardware Aneesh Durg (UIUC) Virtualization February 13, 2018 6 / 14

10 kinds of people in this world... Let s build a hypervisor! Smaller than a kernel Allows us to virtualize hardware Type 1 vs Type 2 Aneesh Durg (UIUC) Virtualization February 13, 2018 6 / 14

10 kinds of people in this world... Let s build a hypervisor! Smaller than a kernel Allows us to virtualize hardware Type 1 vs Type 2 Pros and cons to each Aneesh Durg (UIUC) Virtualization February 13, 2018 6 / 14

Type 1 The intuitive, hardware-based approach Aneesh Durg (UIUC) Virtualization February 13, 2018 7 / 14

Type 1 The intuitive, hardware-based approach Aneesh Durg (UIUC) Virtualization February 13, 2018 7 / 14

Type 1 The intuitive, hardware-based approach Guest OS/kernel hypervisor Aneesh Durg (UIUC) Virtualization February 13, 2018 7 / 14

Type 1 The intuitive, hardware-based approach Guest OS/kernel hypervisor Guest process CPU Aneesh Durg (UIUC) Virtualization February 13, 2018 7 / 14

Type 2 First made by VMWare in 2006 Aneesh Durg (UIUC) Virtualization February 13, 2018 8 / 14

Type 2 First made by VMWare in 2006 On first run needs to boot from disk and install the OS to it s own disk The disks are acutally just files Aneesh Durg (UIUC) Virtualization February 13, 2018 8 / 14

Type 2 First made by VMWare in 2006 On first run needs to boot from disk and install the OS to it s own disk The disks are acutally just files Emulates sensitive instructions Aneesh Durg (UIUC) Virtualization February 13, 2018 8 / 14

Type 2 First made by VMWare in 2006 On first run needs to boot from disk and install the OS to it s own disk The disks are acutally just files Emulates sensitive instructions Runs on top of Guest OS! Aneesh Durg (UIUC) Virtualization February 13, 2018 8 / 14

Type 2 First made by VMWare in 2006 On first run needs to boot from disk and install the OS to it s own disk The disks are acutally just files Emulates sensitive instructions Runs on top of Guest OS! Scan blocks of code in OS, if a block of kernel code needs a sensitive Aneesh Durg (UIUC) Virtualization February 13, 2018 8 / 14

Type 2 First made by VMWare in 2006 On first run needs to boot from disk and install the OS to it s own disk The disks are acutally just files Emulates sensitive instructions Runs on top of Guest OS! Scan blocks of code in OS, if a block of kernel code needs a sensitive If it s a user mode, do nothing... Aneesh Durg (UIUC) Virtualization February 13, 2018 8 / 14

Type 2 First made by VMWare in 2006 On first run needs to boot from disk and install the OS to it s own disk The disks are acutally just files Emulates sensitive instructions Runs on top of Guest OS! Scan blocks of code in OS, if a block of kernel code needs a sensitive If it s a user mode, do nothing... This is called binary translation Aneesh Durg (UIUC) Virtualization February 13, 2018 8 / 14

Why does binary translation work? Caching! Aneesh Durg (UIUC) Virtualization February 13, 2018 9 / 14

Why does binary translation work? Caching! Can generate a graph of blocks the OS needs as they are availible by following branches/jumps Aneesh Durg (UIUC) Virtualization February 13, 2018 9 / 14

Why does binary translation work? Caching! Can generate a graph of blocks the OS needs as they are availible by following branches/jumps Once the whole program is caches, should run at native speed Aneesh Durg (UIUC) Virtualization February 13, 2018 9 / 14

Why does binary translation work? Caching! Can generate a graph of blocks the OS needs as they are availible by following branches/jumps Once the whole program is caches, should run at native speed Some optimizations like jumping straight to cached blocks Aneesh Durg (UIUC) Virtualization February 13, 2018 9 / 14

Which one is better? Generally type 2 Aneesh Durg (UIUC) Virtualization February 13, 2018 10 / 14

Which one is better? Generally type 2 Type 1 causes too many traps :( Aneesh Durg (UIUC) Virtualization February 13, 2018 10 / 14

Which one is better? Generally type 2 Type 1 causes too many traps :( This leads to poor MMU performace, CPU caching, and branch prediction Aneesh Durg (UIUC) Virtualization February 13, 2018 10 / 14

More compilcated than we thought? Paravirtualization Aneesh Durg (UIUC) Virtualization February 13, 2018 11 / 14

More compilcated than we thought? Paravirtualization Hypervisor as a microkernel Abstraction around hardware interface Requires modified OS Virtualizing IO Aneesh Durg (UIUC) Virtualization February 13, 2018 11 / 14

More compilcated than we thought? Paravirtualization Hypervisor as a microkernel Abstraction around hardware interface Requires modified OS Virtualizing IO What about reading and writing from memory? Aneesh Durg (UIUC) Virtualization February 13, 2018 11 / 14

More compilcated than we thought? Paravirtualization Hypervisor as a microkernel Abstraction around hardware interface Requires modified OS Virtualizing IO What about reading and writing from memory? Licensing? Aneesh Durg (UIUC) Virtualization February 13, 2018 11 / 14

More compilcated than we thought? Paravirtualization Hypervisor as a microkernel Abstraction around hardware interface Requires modified OS Virtualizing IO What about reading and writing from memory? Licensing? If you have a licence to run an OS on one machine is it one real machine or one machine? Aneesh Durg (UIUC) Virtualization February 13, 2018 11 / 14

Containerization (The final frontier...) Docker! Aneesh Durg (UIUC) Virtualization February 13, 2018 12 / 14

Containerization (The final frontier...) Docker! Lots of overlapping features Isolation Low cost Multiple OSes Aneesh Durg (UIUC) Virtualization February 13, 2018 12 / 14

Containerization (The final frontier...) No need to virtualize all the hardware/entire OS Aneesh Durg (UIUC) Virtualization February 13, 2018 13 / 14

Containerization (The final frontier...) No need to virtualize all the hardware/entire OS Can share libraries, executables, drives, etc. Aneesh Durg (UIUC) Virtualization February 13, 2018 13 / 14

Containerization (The final frontier...) No need to virtualize all the hardware/entire OS Can share libraries, executables, drives, etc. Made possible by software like aufs Layered FS that can have another real fs underneath. Aneesh Durg (UIUC) Virtualization February 13, 2018 13 / 14

Containerization (The final frontier...) No need to virtualize all the hardware/entire OS Can share libraries, executables, drives, etc. Made possible by software like aufs Layered FS that can have another real fs underneath. choose the right tool for the right task. Aneesh Durg (UIUC) Virtualization February 13, 2018 13 / 14

Sources http: //searchservervirtualization.techtarget.com/answer/ How-is-containerization-different-from-virtualization Modern Operating Systems 3 rd edition. Andrew S. Tanenbaum Aneesh Durg (UIUC) Virtualization February 13, 2018 14 / 14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback