2014 IEEE International Conference on Big Data and Cloud Computing (BdCloud) (2014)
Dec. 3, 2014 to Dec. 5, 2014
This work exposes vulnerabilities in virtualized cloud servers by mounting cross-VM cache attacks in Xen and VMware VMs. We show for the first time that AES implementations in a number of popular cryptographic libraries, including OpenSSL, PolarSSL and Libgcrypt, have non-constant execution times and are vulnerable to Bernstein's correlation attack when run in Xen and VMware (bare metal version) VMs. We show that the vulnerability persists even if the VMs are running on different cores in the same machine. Experiments on Amazon EC2 and Google Compute Engine highlight the practical implications of this vulnerability. The results of this study show that there remains a security risk to AES implementations of popular libraries and to data encrypted under AES on popular cloud services.
Servers, Prefetching, Conferences, Big data, Cloud computing, Abstracts, Government
G. Irazoqui, M. S. Inci, T. Eisenbarth and B. Sunar, "Fine Grain Cross-VM Attacks on Xen and VMware," 2014 IEEE International Conference on Big Data and Cloud Computing (BdCloud), Sydney, Australia, 2015, pp. 737-744.