Paper 2014/435

Wait a minute! A fast, Cross-VM attack on AES

Gorka Irazoqui, Mehmet Sinan Inci, Thomas Eisenbarth, and Berk Sunar


In cloud computing, efficiencies are reaped by resource sharing such as co-location of computation and deduplication of data. This work exploits resource sharing in virtualization software to build a powerful cache-based attack on AES. We demonstrate the vulnerability by mounting Cross-VM Flush+Reload cache attacks in VMware VMs to recover the AES keys of OpenSSL 1.0.1 running inside the victim VM. Furthermore, the attack works in a realistic setting where different VMs are located on separate cores. The modified flush+reload attack we present, takes only in the order of seconds to minutes to succeed in a cross-VM setting. Therefore long term co-location, as required by other fine grain attacks in the literature, are not needed. The results of this study show that there is a great security risk to OpenSSL AES implementation running on VMware cloud services when the deduplication is not disabled.

Available format(s)
Publication info
Published elsewhere. MINOR revision.Research in Attacks, Intrusions and Defenses Symposium - RAID 2014
Contact author(s)
teisenbarth @ wpi edu
2014-11-20: revised
2014-06-12: received
See all versions
Short URL
Creative Commons Attribution


      author = {Gorka Irazoqui and Mehmet Sinan Inci and Thomas Eisenbarth and Berk Sunar},
      title = {Wait a minute! A fast, Cross-VM attack on AES},
      howpublished = {Cryptology ePrint Archive, Paper 2014/435},
      year = {2014},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.