Cryptology ePrint Archive: Report 2011/428

AES Flow Interception: Key Snooping Method on Virtual Machine - Exception Handling Attack for AES-NI -

Tatsuya TAKEHISA and Hiroki NOGAWA and Masakatu MORII

Abstract: In this paper, we propose a method for snooping AES encryption key on Virtual Machine Monitor (VMM), and we present countermeasures against this attack. Recently, virtualization technology has rapidly emerged as a key technology for cloud computing. In general, the virtualization technology composes two software parts: one is virtual machine (VM) management software called Virtual Machine Monitor (VMM), and the other is its associated software. The virtualization technology at present does not provide methods for certifying dependability of the VMMs. In this situation, the following case is possible: when malicious service providers serve tampered VMMs and their users run their VMs on these VMMs, the users will suffer unintended information leakage. As one leakage case, in this paper, we propose a method for snooping AES encryption key on the VMM. In addition, we present countermeasures against this key snooping.

Category / Keywords: foundations / cryptanalysis, implementation, AES, Virtualization, Side Channel Attack

Date: received 8 Aug 2011

Contact author: takehisa at datacom co jp

Available format(s): PDF | BibTeX Citation

Version: 20110812:183000 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]