Cache Attacks Enable Bulk Key Recovery on the Cloud

Mehmet Sinan Inci, Berk Gulmezoglu, Gorka Irazoqui, Thomas Eisenbarth, Berk Sunar

Abstract

Cloud services keep gaining popularity despite the security concerns. While non-sensitive data is easily trusted to cloud, security critical data and applications are not. The main concern with the cloud is the shared resources like the CPU, memory and even the network adapter that provide subtle side-channels to malicious parties. We argue that these side-channels indeed leak fine grained, sensitive information and enable key recovery attacks on the cloud. Even further, as a quick scan in one of the Amazon EC2 regions shows, high percentage – 55 % – of users run outdated, leakage prone libraries leaving them vulnerable to mass surveillance.

The most commonly exploited leakage in the shared resource systems stem from the cache and the memory. High resolution and the stability of these channels allow the attacker to extract fine grained information. In this work, we employ the Prime and Probe attack to retrieve an RSA secret key from a co-located instance. To speed up the attack, we reverse engineer the cache slice selection algorithm for the Intel Xeon E5-2670 v2 that is used in our cloud instances. Finally we employ noise reduction to deduce the RSA private key from the monitored traces. By processing the noisy data we obtain the complete 2048-bit RSA key used during the decryption.
OriginalspracheEnglisch
TitelCryptographic Hardware and Embedded Systems – CHES 2016
Redakteure/-innenBenedikt Gierlichs, Axel Y. Poschmann
Seitenumfang21
Band9813
Herausgeber (Verlag)Springer Verlag
Erscheinungsdatum04.08.2016
Seiten368-388
ISBN (Print)978-3-662-53139-6
ISBN (elektronisch)978-3-662-53140-2
DOIs
PublikationsstatusVeröffentlicht - 04.08.2016
Veranstaltung18th International Conference on Cryptographic Hardware and Embedded Systems - Santa Barbara, USA / Vereinigte Staaten
Dauer: 17.08.201619.08.2016

Fingerprint

Untersuchen Sie die Forschungsthemen von „Cache Attacks Enable Bulk Key Recovery on the Cloud“. Zusammen bilden sie einen einzigartigen Fingerprint.

Zitieren