Computing Reviews
Today's Issue Hot Topics Search Browse Recommended My Account Log In
Review Help
Search
Cross-VM side channels and their use to extract private keys
Zhang Y., Juels A., Reiter M., Ristenpart T.  CCS 2012 (Proceedings of the 2012 ACM Conference on Computer and Communications Security, Raleigh, NC, Oct 16-18, 2012)305-316.2012.Type:Proceedings
Date Reviewed: Feb 8 2013

The discovery of a high-impact side-channel attack is bad news for vulnerable systems, as it affects their design in an unexpected way. Side channel-attacks have been studied for virtual machines with very limited success up to now. Co-hosting servers with different security requirements does not feel right (it’s better to be safe than sorry: just don’t do it!). Still, extracting keys across such a side channel is intuitively highly unlikely. Even so, this paper shows how it can be done.

The side channel the authors use is neither new nor unexpected: the processor cache. A first hurdle is that the cache channel only leaks information if very short time intervals can be inspected. They needed to reduce the observation granularity down to what is required for meaningful measurements. Using inter-processor interrupts makes that possible.

Even then, there is significant noise as the attack is executed on real-life software and operating systems. The authors assume knowledge of the software on the victim virtual machine (VM), so that they can train a classification engine that will detect the interesting parts and at the same time eliminate noise. In this study, a private key is the target. Using the private key leads to recognizable and different code sequences whether the key has a 0 or a 1 in a given position: square for a 0, and square and multiply for a 1. Analyzing a code fragment via its cache use results in a sequence of multiply, square, or unknown operations. This is the raw data that is collected multiple times and is used to construct the key.

The first component in the chain producing the key from the basic trace data is a multiclass support vector machine. The next component uses hidden Markov models. Finally, the results are post-processed using domain knowledge. The outcome can best be described as strings with known elements and unknown positions. These strings are then aligned to form the full sequence of interest. In this paper, that result is a sequence of 1, 0, or unknown bits. The remaining unknowns are detected via brute force. The authors succeeded in ending with a very limited search space (less than 10,000 tries), with data obtained from just a few hours of data collection.

The paper highlights the risks of shared environments convincingly. It also provides novel ideas for exploiting side channels and other partial, unreliable data leaks.
Reviewer:  A. Mariën Review #: CR140921 (1306-0526)
Bookmark and Share
  Reviewer Selected
Featured Reviewer 		 
 
Information Flow Controls (D.4.6 ... )
 
 
Channels And Controllers (B.4.2 ... )
 
 
Data Encryption (E.3 )
 
Would you recommend this review?
yes
no
Other reviews under "Information Flow Controls": Date
Protecting privacy using the decentralized label model
Myers A., Liskov B. ACM Transactions on Software Engineering and Methodology 9(4): 410-442, 2000. Type: Article		 Apr 1 2001
Buffer overflow and format string overflow vulnerabilities
Lhee K., Chapin S. Software--Practice & Experience 33(5): 423-460, 2003. Type: Article		 Aug 4 2003
A Hookup Theorem for Multilevel Security
McCullough D. IEEE Transactions on Software Engineering 16(6): 563-568, 1990. Type: Article		 Apr 1 1991
more...
E-Mail This Printer-Friendly
Send Your Comments
Contact Us
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®
Terms of Use | Privacy Policy