Researchers use virtual machine for cloud crypto key attack

Air-gap to avoid side-channelling.

Computer scientists at the University of North Carolina have constructed a system in which a malicious virtual machine carries out a so-called access-driven side-channel attack, for the first time.

Running on the Xen hypervisor, the attack succeeded in extracting an ElGamal decryption key from a victim virtual machine using the most recent version of the libgcrypt cryptographic library, the researchers wrote. 

It undermines hitherto assumed strong isolation guarantees for VMs on public cloud systems such as Amazon EC2, Microsoft Azure and Rackspace, as well as military multi-level security environments and virtualised enterprise and home desktops.

Traditional access control mechanisms in virtual machine managers that enforce logical isolation between virtual machines may not be sufficient if attackers can circumvent them with side-channel attacks, the researchers said.

The attack, which is described as "difficult" by the researchers, only works when both the victim and malicious virtual machines are running on the same physical hardware.

It is the first demonstration of a side-channel analysis attack on a virtualised, symmetrical multi-processing server. Over several hours, it allowed the researchers to glean enough fragments of the target's cryptographic square-and-multiply operations to deduce the ElGamal encryption key.

More practical variants of the side-channel virtual machine attack are expected to become possible after the researchers' successful demonstration.

To mitigate attacks like the one above, the researchers suggest not siting sensitive virtual machines on the same hardware as other virtual machines and instead "air-gapping" them on separate computers.

Algorithms resistant to side-channel attacks are also proposed by the researchers, as well as changes to the scheduling in virtual machine managers to prevent attack virtual machines from accessing the data caches on target virtual machines.
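
The following added example (not code from the researchers' paper or from libgcrypt) shows why a square-and-multiply operation sequence reveals the exponent and how a fixed-sequence algorithm removes that dependence. The Montgomery ladder is used as one well-known side-channel-resistant algorithm; the article does not name the algorithms the researchers propose, and all function names, the modulus and the exponents are constructed for illustration.

```python
# Added illustration with constructed toy values; not libgcrypt code.
# Python integers are not constant-time: only the operation sequence is modelled.

def square_and_multiply(base, exp, mod):
    """Left-to-right binary exponentiation: multiply only when the bit is 1."""
    result, trace = 1, []
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        trace.append("S")
        if bit == "1":
            result = (result * base) % mod
            trace.append("M")
    return result, "".join(trace)

def montgomery_ladder(base, exp, mod):
    """One multiply and one square per bit, whatever the bit value.
    Production code would replace this branch with a constant-time swap."""
    r0, r1, trace = 1, base % mod, []
    for bit in bin(exp)[2:]:
        if bit == "1":
            r0, r1 = (r0 * r1) % mod, (r1 * r1) % mod
        else:
            r0, r1 = (r0 * r0) % mod, (r0 * r1) % mod
        trace.append("MS")
    return r0, "".join(trace)

def exponent_from_trace(trace):
    """For square-and-multiply, 'SM' marks a 1 bit and a lone 'S' a 0 bit."""
    return int(trace.replace("SM", "1").replace("S", "0"), 2)

def trace_depends_on_secret(exp_fn, base, mod, exp_a, exp_b):
    """Review check: do two same-length exponents yield different traces?"""
    assert exp_a.bit_length() == exp_b.bit_length()
    return exp_fn(base, exp_a, mod)[1] != exp_fn(base, exp_b, mod)[1]

MOD = 2**61 - 1                      # constructed toy modulus (a Mersenne prime)
BASE = 3
KEY_A = 0b1011001110001011           # constructed 16-bit "secret" exponents
KEY_B = 0b1100000000000001

if __name__ == "__main__":
    value, trace = square_and_multiply(BASE, KEY_A, MOD)
    print(trace, exponent_from_trace(trace) == KEY_A)
    print(trace_depends_on_secret(square_and_multiply, BASE, MOD, KEY_A, KEY_B))
    print(trace_depends_on_secret(montgomery_ladder, BASE, MOD, KEY_A, KEY_B))
```

The same `trace_depends_on_secret` check can be pointed at any exponentiation routine that records its operations, which makes it usable as a regression test when reviewing cryptographic code for secret-dependent control flow.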

Copyright © iTnews.com.au . All rights reserved.