Wait a minute! A fast, Cross-VM attack on AES

Gorka Irazoqui, Mehmet Sinan Inci, Thomas Eisenbarth, Berk Sunar


In cloud computing, efficiencies are reaped by resource sharing such as co-location of computation and deduplication of data. This work exploits resource sharing in virtualization software to build a powerful cache-based attack on AES. We demonstrate the vulnerability by mounting Cross-VM Flush+Reload cache attacks in VMware VMs to recover the keys of an AES implementation of OpenSSL 1.0.1 running inside the victim VM. Furthermore, the attack works in a realistic setting where different VMs are located on separate cores. The modified flush+reload attack we present, takes only in the order of seconds to minutes to succeed in a cross-VM setting. Therefore long term co-location, as required by other fine grain attacks in the literature, are not needed. The results of this study show that there is a great security risk to OpenSSL AES implementation running on VMware cloud services when the deduplication is not disabled.
Original languageEnglish
Title of host publicationResearch in Attacks, Intrusions and Defenses
EditorsAngelos Stavrou, Herbert Bos, Georgios Portokalidis
Number of pages21
PublisherSpringer Berlin Heidelberg
Publication date09.2014
ISBN (Print)978-3-319-11378-4
ISBN (Electronic)978-3-319-11379-1
Publication statusPublished - 09.2014
Event17th International Workshop on Recent Advances in Intrusion Detection - Gothenburg, Sweden
Duration: 17.09.201419.09.2014


Dive into the research topics of 'Wait a minute! A fast, Cross-VM attack on AES'. Together they form a unique fingerprint.

Cite this