Cryptology ePrint Archive: Report 2015/898

Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud

Mehmet Sinan Inci and Berk Gulmezoglu and Gorka Irazoqui and Thomas Eisenbarth and Berk Sunar

Abstract: It has been six years since Ristenpart et al. demonstrated the viability of co-location and provided the first concrete evidence for sensitive information leakage on a commercial cloud. We show that co-location can be achieved and detected by monitoring the last level cache in public clouds. More significantly, we present a full-fledged attack that exploits subtle leakages to recover RSA decryption keys from a co-located instance. We target a recently patched Libgcrypt RSA implementation by mounting Cross-VM Prime and Probe cache attacks in combination with other tests to detect co-location in Amazon EC2. In a preparatory step, we reverse engineer the unpublished nonlinear slice selection function for the 10 core Intel Xeon processor which significantly accelerates our attack (this chipset is used in Amazon EC2). After co-location is detected and verified, we perform the Prime and Probe attack to recover noisy keys from a carefully monitored Amazon EC2 VM running the aforementioned vulnerable libgcrypt library. We subsequently process the noisy data and obtain the complete 2048-bit RSA key used during encryption. This work reaffirms the privacy concerns and underlines the need for deploying stronger isolation techniques in public clouds.

Category / Keywords: Public Cloud, Co-location Detection, RSA key recovery, Resource Sharing, Prime and Probe

Date: received 15 Sep 2015, last revised 22 Sep 2015

Contact author: teisenbarth at wpi edu

Available format(s): PDF | BibTeX Citation

Version: 20150922:184947 (All versions of this report)

Short URL: ia.cr/2015/898

Discussion forum: Show discussion | Start new discussion