Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud


It has been six years since Ristenpart et al. [29] demonstrated the viability of co-location and provided the first concrete evidence for sensitive information leakage on a commercial cloud. We show that co-location can be achieved and detected by monitoring the last level cache in public clouds. More significantly, we present a full-fledged attack that exploits subtle leakages to recover RSA decryption keys from a colocated instance. We target a recently patched Libgcrypt RSA implementation by mounting Cross-VM Prime and Probe cache attacks in combination with other tests to detect co-location in Amazon EC2. In a preparatory step, we reverse engineer the unpublished nonlinear slice selection function for the 10 core Intel Xeon processor which significantly accelerates our attack (this chipset is used in Amazon EC2). After co-location is detected and verified, we perform the Prime and Probe attack to recover noisy keys from a carefully monitored Amazon EC2 VM running the aforementioned vulnerable libgcrypt library. We subsequently process the noisy data and obtain the complete 2048-bit RSA key used during encryption. This work reaffirms the privacy concerns and underlines the need for deploying stronger isolation techniques in public clouds. Amazon EC2, Co-location Detection, RSA key recovery, Resource Sharing, Prime and Probe

Extracted Key Phrases

13 Figures and Tables

Citations per Year

Citation Velocity: 16

Averaging 16 citations per year over the last 3 years.

Learn more about how we calculate this metric in our FAQ.

Cite this paper

@article{Inci2015SeriouslyGO, title={Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud}, author={Mehmet Sinan Inci and Berk G{\"{u}lmezoglu and Gorka Irazoqui Apecechea and Thomas Eisenbarth and Berk Sunar}, journal={IACR Cryptology ePrint Archive}, year={2015}, volume={2015}, pages={898} }