Abstract | ||
---|---|---|
Cloud's unrivaled cost effectiveness and on the fly operation versatility is attractive to enterprise and personal users. However, the cloud inherits a dangerous behavior from virtualization systems that poses a serious security risk: resource sharing. This work exploits a shared resource optimization technique called memory deduplication to mount a powerful known-ciphertext only cache side-channel attack on a popular OpenSSL implementation of AES. In contrast to the other cross-VM cache attacks, our attack does not require synchronization with the target server and is fully asynchronous, working in a more realistic scenario with much weaker assumption. Also, our attack succeeds in just 15 seconds working across cores in the cross-VM setting. Our results show that there is strong information leakage through cache in virtualized systems and the memory deduplication should be approached with caution. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1007/978-3-319-21476-4_8 | COSADE |
Keywords | Field | DocType |
Asynchronouos cross-VM attack, Memory deduplication, Flush and reload, Known ciphertext attack, Cache attacks | Virtualization,Asynchronous communication,Information leakage,Cache,Computer science,Computer network,Pre-play attack,Exploit,Shared resource,Operating system,Cloud computing | Conference |
Volume | ISSN | Citations |
9064 | 0302-9743 | 13 |
PageRank | References | Authors |
0.61 | 11 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Berk Gülmezoglu | 1 | 46 | 3.81 |
Mehmet Sinan Inci | 2 | 111 | 6.56 |
Gorka Irazoqui Apecechea | 3 | 258 | 12.16 |
Thomas Eisenbarth | 4 | 840 | 61.33 |
Berk Sunar | 5 | 956 | 68.31 |