Paper 2014/248

Fine grain Cross-VM Attacks on Xen and VMware are possible!

Gorka Irazoqui Apecechea, Mehmet Sinan Inci, Thomas Eisenbarth, and Berk Sunar

Abstract

This work exposes further vulnerabilities in virtualized cloud servers by mounting Cross-VM cache attacks in Xen and VMware VMs targeting AES running in the victim VM. Even though there exists a rich literature on cache attacks on AES, so far only a single work, demonstrating a working attack on an ARM platform running an L4Re virtualization layer, has been published. Here we show that AES in a number of popular cryptographic libraries, including OpenSSL, PolarSSL and Libgcrypt, is vulnerable to Bernstein’s correlation attack when run in Xen and VMware (bare metal version) VMs, the most popular VMs used by cloud service providers (CSP) such as Amazon and Rackspace. We also show that the vulnerability persists even if the VMs are placed on different cores in the same machine. The results of this study show that there is a great security risk to AES (and data encrypted under AES) on popular cloud services.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Contact author(s)
sunar @ wpi edu
History
2014-04-20: received
Short URL
https://ia.cr/2014/248
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/248,
      author = {Gorka Irazoqui Apecechea and Mehmet Sinan Inci and Thomas Eisenbarth and Berk Sunar},
      title = {Fine grain Cross-VM Attacks on Xen and VMware are possible!},
      howpublished = {Cryptology ePrint Archive, Paper 2014/248},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/248}},
      url = {https://eprint.iacr.org/2014/248}
}