ABSTRACT
This paper details the construction of an access-driven side-channel attack by which a malicious virtual machine (VM) extracts fine-grained information from a victim VM running on the same physical computer. This attack is the first such attack demonstrated on a symmetric multiprocessing system virtualized using a modern VMM (Xen). Such systems are very common today, ranging from desktops that use virtualization to sandbox application or OS compromises, to clouds that co-locate the workloads of mutually distrustful customers. Constructing such a side-channel requires overcoming challenges including core migration, numerous sources of channel noise, and the difficulty of preempting the victim with sufficient frequency to extract fine-grained information from it. This paper addresses these challenges and demonstrates the attack in a lab setting by extracting an ElGamal decryption key from a victim using the most recent version of the libgcrypt cryptographic library.
- O. Aciiçmez. Yet another microarchitectural attack: Exploiting I-cache. In ACM Workshop on Computer Security Architecture, pages 11--18, October 2007. Google ScholarDigital Library
- O. Aciiçmez, B. B. Brumley, and P. Grabher. New results on instruction cache attacks. In Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, pages 110--124, August 2010. Google ScholarDigital Library
- O. Aciiçmez, Ç. K. Koç, and J.-P. Seifert. On the power of simple branch prediction analysis. In 2nd ACM Symposium on Information, Computer and Communications Security, pages 312--320, March 2007. Google ScholarDigital Library
- O. Aciiçmez, W. Schindler, and Ç. K. Koç. Cache based remote timing attack on the AES. In Topics in Cryptology -- CT-RSA 2007, The Cryptographers' Track at the RSA Conference 2007, pages 271--286, February 2007. Google ScholarDigital Library
- O. Aciiçmez and J.-P. Seifert. Cheap hardware parallelism implies cheap security. In Workshop on Fault Diagnosis and Tolerance in Cryptography, pages 80--91, September 2007. Google ScholarDigital Library
- M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia. A view of cloud computing. Commun. ACM, 53(4):50--58, 2010. Google ScholarDigital Library
- Celera Assembler. http://wgs-assembler.sourceforge.net/.Google Scholar
- E. Bangerter, D. Gullasch, and S. Krenn. Cache games -- bringing access-based cache attacks on AES to practice. In 32nd IEEE Symposium on Security and Privacy, 2011. Google ScholarDigital Library
- P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In 19th ACM Symposium on Operating Systems Principles, pages 164--177, 2003. Google ScholarDigital Library
- L. E. Baum, T. Petrie, G. Soules, and N. Weiss. A maximization technique occurring in the statistical analysis of probabilistic functions of markov chains. The Annals of Mathematical Statistics, 41(1):164--171, 1970.Google ScholarCross Ref
- D. J. Bernstein. Cache-timing attacks on AES, 2005.Google Scholar
- C. M. Bishop. Pattern Recognition and Machine Learning. Springer, October 2007.Google ScholarDigital Library
- D. Brumley and D. Boneh. Remote timing attacks are practical. Computer Networks, 48(5):701--716, 2005. Google ScholarDigital Library
- J. Callas, L. Donnerhacke, H. Finney, and R. Thayer. Openpgp message format. Technical report, RFC 2440, November, 1998. Google ScholarDigital Library
- C. C. Chang and C. J. Lin. LIBSVM: a library for support vector machines. ACM Transactions on Intelligent Systems and Technology (TIST), 2(3):27, 2011. Google ScholarDigital Library
- D. Chisnall. The Definitive Guide to the Xen Hypervisor (Prentice Hall Open Source Software Development Series). Prentice Hall PTR, November 2007. Google ScholarDigital Library
- ClustalW2. http://www.clustal.org/clustal2/.Google Scholar
- Intel Corporation. Intel 64 and IA-32 architectures software developer's manual, vol 1--3. http://www.intel.com/products/processor/manuals/.Google Scholar
- T. ElGamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, IT-31(4), July 1985. Google ScholarDigital Library
- P. England and J. Manferdelli. Virtual machines for enterprise desktop security. Information Security Technical Report, 11(4):193 -- 202, 2006. Google ScholarDigital Library
- K. Gandolfi, C. Mourtel, and F. Olivier. Electromagnetic analysis: Concrete results. In Cryptographic Hardware and Embedded Systems -- CHES 2001, volume 2162 of LNCS, pages 251--261, May 2001. Google ScholarDigital Library
- T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: a virtual machine-based platform for trusted computing. In ACM Symposium on Operating Systems Principles, pages 193--206. ACM, 2003. Google ScholarDigital Library
- N. Gautham. Bioinformatics: Databases and Algorithms. Alpha Science International Ltd., 2006. Google ScholarDigital Library
- Gnu Privacy Guard. www.gnupg.org, 2012.Google Scholar
- P. Kocher, J. Jaffe, and B. Jun. Differential power analysis. In Advances in Cryptology -- CRYPTO '99, volume 1666 of LNCS, pages 388--397, August 1999. Google ScholarDigital Library
- P. C. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In N. Koblitz, editor, Advances in Cryptology -- Crypto'96, volume 1109 of LNCS, pages 104--113. Springer-Verlag, 1996. Google ScholarDigital Library
- D. Magenheimer. TSC mode HowTo. Available: http://mirror.choon.net/xen/xen-unstable.hg/docs/misc/tscmode.txt.Google Scholar
- Andrew Marshall, Michael Howard, Grant Bugher, and Brian Harden. Security best practices for developing windows azure applications, June 2010.Google Scholar
- R. Meushaw and D. Simard. A network on a desktop. NSA Tech Trend Notes, 9(4), 2000. http://www.vmware.com/pdf/TechTrendNotes.pdf.Google Scholar
- P. L. Montgomery. Speeding the Pollard and elliptic curve methods of factorization. Math. Comp, 48(177):243--264, January 1987.Google ScholarCross Ref
- S. B. Needleman and C. D. Wunsch. A general method applicable to the search for similarities in the amino acid sequence of two proteins. Journal of Molecular Biology, 48(3):443--453, March 1970.Google ScholarCross Ref
- M. Neve and J.-P. Seifert. Advances on access-driven cache attacks on AES. In Selected Areas in Cryptography, 13th International Workshop, SAC 2006, pages 147--162, August 2006. Google ScholarDigital Library
- D. A. Osvik, A. Shamir, and E. Tromer. Cache attacks and countermeasures: the case of AES. In Topics in Cryptology -- CT-RSA 2006, pages 1--20. Springer-Verlag, 2005. Google ScholarDigital Library
- R. Owens and W. Wang. Non-interactive OS fingerprinting through memory de-duplication technique in virtual machines. In IEEE International Performance Computing and Communications Conference, 2011. Google ScholarDigital Library
- D. Page. Partitioned cache architecture as a side-channel defence mechanism, 2005.Google Scholar
- C. Percival. Cache missing for fun and profit. In BSDCon 2005, 2005.Google Scholar
- M. Piotrowski and A. D. Joseph. Virtics: A system for privilege separation of legacy desktop applications. Technical Report EECS-2010-70, U.C. Berkeley, 2010.Google Scholar
- J.-J. Quisquater and D. Samyde. Electromagnetic analysis (EMA): Measures and counter-measures for smart cards. In Smart Card Programming and Security, International Conference on Research in Smart Cards, E-smart 2001, volume 2140 of LNCS, pages 200--210, September 2001. Google ScholarDigital Library
- T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In 16th ACM Conference on Computer and Communications Security, pages 199--212, 2009. Google ScholarDigital Library
- R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), February 1978. Google ScholarDigital Library
- J. Rutkowska and R. Wojtczuk. Qubes OS architecture. http://qubes-os.org, 2012.Google Scholar
- Xen 4.2: New scheduler parameters. http://blog.xen.org/index.php/2012/04/10/xen-4-2-new-scheduler-parameters-2/.Google Scholar
- E. Tromer, D. A. Osvik, and A. Shamir. Efficient cache attacks on AES, and countermeasures. Journal of Cryptology, 23(1):37--71, 2010. Google ScholarDigital Library
- D. Tsafrir, Y. Etsion, and D. G. Feitelson. Secretly monopolizing the CPU without superuser privileges. In 16th USENIX Security Symposium, pages 1--18, 2007. Google ScholarDigital Library
- A. J. Viterbi. Error bounds for convolutional codes and an asymptotically optimum decoding algorithm. IEEE Trans. Inform. Theory, IT-13:260-269, April 1967. Google ScholarDigital Library
- M. Weiß, B. Heinz, and F. Stumpf. A cache timing attack on AES in virtualization environments. In 16th International Conference on Financial Cryptography and Data Security, February 2012.Google ScholarCross Ref
- Can I dedicate a cpu core (or cores) only for dom0? http://wiki.xen.org/wiki/XenCommonProblems#Can_I_dedicate_a_cpu_core_.28or_cores.29_only_for_dom0.3F.Google Scholar
- Y. Xu, M. Bailey, F. Jahanian, K. Joshi, M. Hiltunen, and R. Schlichting. An exploration of L2 cache covert channels in virtualized environments. In ACM Cloud Computing Security Workshop, pages 29--40, 2011. Google ScholarDigital Library
- Y. Zhang, A. Juels, A. Oprea, and M. K. Reiter. Homealone: Co-residency detection in the cloud via side-channel analysis. In 2011 IEEE Symposium on Security and Privacy, pages 313--328, 2011. Google ScholarDigital Library
- F. Zhou, M. Goel, P. Desnoyers, and R. Sundaram. Scheduler vulnerabilities and coordinated attacks in cloud computing. In IEEE International Symposium on Networking Computing and Applications, 2011. Google ScholarDigital Library
Index Terms
Cross-VM side channels and their use to extract private keys
Recommendations
Düppel: retrofitting commodity operating systems to mitigate cache side channels in the cloud
CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications securityThis paper presents the design, implementation and evaluation of a system called Düppel that enables a tenant virtual machine to defend itself from cache-based side-channel attacks in public clouds. Düppel includes defenses for time-shared caches such ...
Last-Level Cache Side-Channel Attacks are Practical
SP '15: Proceedings of the 2015 IEEE Symposium on Security and PrivacyWe present an effective implementation of the Prime Probe side-channel attack against the last-level cache. We measure the capacity of the covert channel the attack creates and demonstrate a cross-core, cross-VM attack on multiple versions of GnuPG. Our ...
A memory-deduplication side-channel attack to detect applications in co-resident virtual machines
SAC '18: Proceedings of the 33rd Annual ACM Symposium on Applied ComputingVirtualization offers the possibility of hosting services of multiple customers on shared hardware. When more than one Virtual Machine (VM) run on the same host, memory deduplication can save physical memory by merging identical pages of the VMs. ...
Comments