Paper 2015/898

Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud

Mehmet Sinan Inci, Berk Gulmezoglu, Gorka Irazoqui, Thomas Eisenbarth, and Berk Sunar


It has been six years since Ristenpart et al. demonstrated the viability of co-location and provided the first concrete evidence for sensitive information leakage on a commercial cloud. We show that co-location can be achieved and detected by monitoring the last level cache in public clouds. More significantly, we present a full-fledged attack that exploits subtle leakages to recover RSA decryption keys from a co-located instance. We target a recently patched Libgcrypt RSA implementation by mounting Cross-VM Prime and Probe cache attacks in combination with other tests to detect co-location in Amazon EC2. In a preparatory step, we reverse engineer the unpublished nonlinear slice selection function for the 10 core Intel Xeon processor which significantly accelerates our attack (this chipset is used in Amazon EC2). After co-location is detected and verified, we perform the Prime and Probe attack to recover noisy keys from a carefully monitored Amazon EC2 VM running the aforementioned vulnerable libgcrypt library. We subsequently process the noisy data and obtain the complete 2048-bit RSA key used during encryption. This work reaffirms the privacy concerns and underlines the need for deploying stronger isolation techniques in public clouds.

Available format(s)
Publication info
Public CloudCo-location DetectionRSA key recoveryResource SharingPrime and Probe
Contact author(s)
teisenbarth @ wpi edu
2015-09-22: revised
2015-09-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Mehmet Sinan Inci and Berk Gulmezoglu and Gorka Irazoqui and Thomas Eisenbarth and Berk Sunar},
      title = {Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud},
      howpublished = {Cryptology ePrint Archive, Paper 2015/898},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.