A Faster and More Realistic Flush+Reload Attack on AES

Berk Gülmezoğlu, Mehmet Sinan Inci, Gorka Irazoqui, Thomas Eisenbarth, Berk Sunar

Abstract

Cloud’s unrivaled cost effectiveness and on-the-fly operation versatility are attractive to enterprise and personal users. However, the cloud inherits a dangerous behavior from virtualization systems that poses a serious security risk: resource sharing. This work exploits a shared resource optimization technique called memory deduplication to mount a powerful known-ciphertext-only cache side-channel attack on a popular OpenSSL implementation of AES. In contrast to other cross-VM cache attacks, our attack does not require synchronization with the target server and is fully asynchronous, working in a more realistic scenario with much weaker assumptions. Also, our attack succeeds in just 15 seconds working across cores in the cross-VM setting. Our results show that there is strong information leakage through the cache in virtualized systems and that memory deduplication should be approached with caution.

Original language: English
Title of host publication: Constructive Side-Channel Analysis and Secure Design
Editors: Stefan Mangard, Axel Y. Poschmann
Number of pages: 16
Volume: 9064
Publisher: Springer Berlin Heidelberg
Publication date: 17.07.2015
Pages: 111-126
ISBN (Print): 978-3-319-21475-7
ISBN (Electronic): 978-3-319-21476-4
Publication status: Published - 17.07.2015
Event: 6th International Workshop on Constructive Side-Channel Analysis and Secure Design - Berlin, Germany
Duration: 13.04.2015 - 14.04.2015
