A Faster and More Realistic Flush+Reload Attack on AES

Berk  Gülmezoğlu; Mehmet Sinan  Inci; Gorka  Irazoqui; Thomas Eisenbarth; Berk  Sunar

doi:10.1007/978-3-319-21476-4_8

A Faster and More Realistic Flush+Reload Attack on AES

Berk Gülmezoğlu, Mehmet Sinan Inci, Gorka Irazoqui, Thomas Eisenbarth, Berk Sunar

Institute of IT Security

Worcester Polytechnic Institute

66 Citations (Scopus)

Abstract

Cloud’s unrivaled cost effectiveness and on the fly operation versatility is attractive to enterprise and personal users. However, the cloud inherits a dangerous behavior from virtualization systems that poses a serious security risk: resource sharing. This work exploits a shared resource optimization technique called memory deduplication to mount a powerful known-ciphertext only cache side-channel attack on a popular OpenSSL implementation of AES. In contrast to the other cross-VM cache attacks, our attack does not require synchronization with the target server and is fully asynchronous, working in a more realistic scenario with much weaker assumption. Also, our attack succeeds in just 15 seconds working across cores in the cross-VM setting. Our results show that there is strong information leakage through cache in virtualized systems and the memory deduplication should be approached with caution.

Original language	English
Title of host publication	Constructive Side-Channel Analysis and Secure Design
Editors	Stefan Mangard, Axel Y. Poschmann
Number of pages	16
Volume	9064
Publisher	Springer Berlin Heidelberg
Publication date	17.07.2015
Pages	111-126
ISBN (Print)	978-3-319-21475-7
ISBN (Electronic)	978-3-319-21476-4
DOIs	https://doi.org/10.1007/978-3-319-21476-4_8
Publication status	Published - 17.07.2015
Event	6th nternational Workshop on Constructive Side-Channel Analysis and Secure Design - Berlin, Germany Duration: 13.04.2015 → 14.04.2015

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 9 Industry, Innovation, and Infrastructure
SDG 11 Sustainable Cities and Communities
SDG 12 Responsible Consumption and Production

Access to Document

10.1007/978-3-319-21476-4_8

Cite this

Gülmezoğlu, B., Inci, M. S., Irazoqui, G., Eisenbarth, T., & Sunar, B. (2015). A Faster and More Realistic Flush+Reload Attack on AES. In S. Mangard, & A. Y. Poschmann (Eds.), Constructive Side-Channel Analysis and Secure Design (Vol. 9064, pp. 111-126). (Lecture Notes in Computer Science; Vol. 9064). Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-319-21476-4_8

@inproceedings{3c235866d1c24d69ab38a1931204b97a,

title = "A Faster and More Realistic Flush+Reload Attack on AES",

abstract = "Cloud{\textquoteright}s unrivaled cost effectiveness and on the fly operation versatility is attractive to enterprise and personal users. However, the cloud inherits a dangerous behavior from virtualization systems that poses a serious security risk: resource sharing. This work exploits a shared resource optimization technique called memory deduplication to mount a powerful known-ciphertext only cache side-channel attack on a popular OpenSSL implementation of AES. In contrast to the other cross-VM cache attacks, our attack does not require synchronization with the target server and is fully asynchronous, working in a more realistic scenario with much weaker assumption. Also, our attack succeeds in just 15 seconds working across cores in the cross-VM setting. Our results show that there is strong information leakage through cache in virtualized systems and the memory deduplication should be approached with caution.",

author = "Berk G{\"u}lmezoğlu and Inci, \{Mehmet Sinan\} and Gorka Irazoqui and Thomas Eisenbarth and Berk Sunar",

year = "2015",

month = jul,

day = "17",

doi = "10.1007/978-3-319-21476-4\_8",

language = "English",

isbn = "978-3-319-21475-7",

volume = "9064",

series = "Lecture Notes in Computer Science",

publisher = "Springer Berlin Heidelberg",

pages = "111--126",

editor = "Mangard, \{Stefan \} and Poschmann, \{Axel Y. \}",

booktitle = "Constructive Side-Channel Analysis and Secure Design",

note = "6th nternational Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2015 ; Conference date: 13-04-2015 Through 14-04-2015",

}

Gülmezoğlu, B, Inci, MS, Irazoqui, G, Eisenbarth, T & Sunar, B 2015, A Faster and More Realistic Flush+Reload Attack on AES. in S Mangard & AY Poschmann (eds), Constructive Side-Channel Analysis and Secure Design. vol. 9064, Lecture Notes in Computer Science, vol. 9064, Springer Berlin Heidelberg, pp. 111-126, 6th nternational Workshop on Constructive Side-Channel Analysis and Secure Design, Berlin, Germany, 13.04.15. https://doi.org/10.1007/978-3-319-21476-4_8

A Faster and More Realistic Flush+Reload Attack on AES. / Gülmezoğlu, Berk ; Inci, Mehmet Sinan ; Irazoqui, Gorka et al.
Constructive Side-Channel Analysis and Secure Design. ed. / Stefan Mangard; Axel Y. Poschmann. Vol. 9064 Springer Berlin Heidelberg, 2015. p. 111-126 (Lecture Notes in Computer Science; Vol. 9064).

Research output: Chapters in Books/Reports/Conference Proceedings › Conference contribution › peer-review

TY - GEN

T1 - A Faster and More Realistic Flush+Reload Attack on AES

AU - Gülmezoğlu, Berk

AU - Inci, Mehmet Sinan

AU - Irazoqui, Gorka

AU - Eisenbarth, Thomas

AU - Sunar, Berk

PY - 2015/7/17

Y1 - 2015/7/17

N2 - Cloud’s unrivaled cost effectiveness and on the fly operation versatility is attractive to enterprise and personal users. However, the cloud inherits a dangerous behavior from virtualization systems that poses a serious security risk: resource sharing. This work exploits a shared resource optimization technique called memory deduplication to mount a powerful known-ciphertext only cache side-channel attack on a popular OpenSSL implementation of AES. In contrast to the other cross-VM cache attacks, our attack does not require synchronization with the target server and is fully asynchronous, working in a more realistic scenario with much weaker assumption. Also, our attack succeeds in just 15 seconds working across cores in the cross-VM setting. Our results show that there is strong information leakage through cache in virtualized systems and the memory deduplication should be approached with caution.

AB - Cloud’s unrivaled cost effectiveness and on the fly operation versatility is attractive to enterprise and personal users. However, the cloud inherits a dangerous behavior from virtualization systems that poses a serious security risk: resource sharing. This work exploits a shared resource optimization technique called memory deduplication to mount a powerful known-ciphertext only cache side-channel attack on a popular OpenSSL implementation of AES. In contrast to the other cross-VM cache attacks, our attack does not require synchronization with the target server and is fully asynchronous, working in a more realistic scenario with much weaker assumption. Also, our attack succeeds in just 15 seconds working across cores in the cross-VM setting. Our results show that there is strong information leakage through cache in virtualized systems and the memory deduplication should be approached with caution.

UR - https://www.semanticscholar.org/paper/A-Faster-and-More-Realistic-Flush%2BReload-Attack-on-G%C3%BClmezoglu-Inci/34f2ab81056d9129c447706bd52ac794107f63c6

U2 - 10.1007/978-3-319-21476-4_8

DO - 10.1007/978-3-319-21476-4_8

M3 - Conference contribution

SN - 978-3-319-21475-7

VL - 9064

T3 - Lecture Notes in Computer Science

SP - 111

EP - 126

BT - Constructive Side-Channel Analysis and Secure Design

A2 - Mangard, Stefan

A2 - Poschmann, Axel Y.

PB - Springer Berlin Heidelberg

T2 - 6th nternational Workshop on Constructive Side-Channel Analysis and Secure Design

Y2 - 13 April 2015 through 14 April 2015

ER -

A Faster and More Realistic Flush+Reload Attack on AES

Abstract

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this