Are Cache Attacks on Public Clouds Practical?

Thomas Eisenbarth
Joint work with Gorka Irazoqui, Mehmet Sinan Inci, Berk Gulmezoglu and Berk Sunar
WPI - 10/19/2015

Outline
- Cloud Computing and Isolation
- Extracting Information from Co-located VM
- Attacking AES across VM Boundaries
- A Practical RSA Key Recovery

Cloud Computing
- Computation increasingly outsourced to cloud servers
- CSPs: many users on shared, homogeneous platforms
- Users rent VMs, share same computer
- Shared resources: Information Leakage?

Security through Isolation
- Virtual machines: Abstraction of physical machine
- Hypervisor (VMM) ensures isolation through virtualization
- VMs might feel each other's load on some low-level resources: potential side channels
[Figure: Victim (Guest OS #1) and Spy (Guest OS #2) VMs on top of the VMM and the shared hardware]

Cross-VM Side Channel Attack
- Suitable covert channel in the cloud?
- Cross Core: Last Level Cache (L3 Cache) accesses
- Adversary and victim share full access to L3 cache
- Cache access cannot be virtualized (70x slowdown)

How to track victim's data? Deduplication
- Keeps only one copy of duplicate data in RAM
- Kernel Same-page Merging in Linux and KVM
- Transparent Page Sharing in VMware VMM
- Solutions for Xen available as well
- Is now an opt-in feature for VMMs! (Default for OSs)
- When Target VM accesses a page, the page is copied to cache: copy in shared LLC
- Subsequent Spy VM access also faster!
- Spy can detect Target VM's accesses to known pages

Flush+Reload Attack: Concept
Steps:
1. Flush desired memory lines
2. Wait for some time
3. Reload memory lines and measure reload time.
Clean detection if monitored memory line was accessed
[Figure: Victim and Spy with private L1/L2 caches, shared L3 cache and memory; slow reload time vs. fast reload time]

Target Cipher: AES
- AES T-table implementation: SubBytes, ShiftRows and MixColumns are combined into T-table lookups & XOR
- T-tables stored in memory/cache
- Idea: Detect T-table accesses in last round
  - ciphertext mapping to monitored table position is always accessed
- Inclusive caches ensure T-table in LLC
[Figure: T-table in memory]

Attack Setup and Results
Test setup:
- Intel i5-3320
- OpenSSL 1.0.1f AES C implementation
- Ubuntu 12.04 OS
- VMware ESXi 5.5
- Transparent Page Sharing enabled (NO LONGER default)
Measurements take less than a minute!
[IIES14] Irazoqui, G., Inci, M. S., Eisenbarth, T., & Sunar, B. Wait a minute! A fast, Cross-VM attack on AES. RAID 2014
[GIIES15] Gulmezoglu, B., Irazoqui, G., Inci, M., Eisenbarth, T., & Sunar, B. A Faster and More Realistic Flush+Reload Attack on AES. COSADE 2015

Are Cross-VM Cache Attacks Realistic?
Cross-VM Flush+Reload Attack on AES works if:
- Server has a shared level of cache
- Attacker and the victim are physically co-located
- VMM implements memory deduplication
Memory Deduplication can enable Cross-VM cache attacks: http://kb.vmware.com/kb/2080735

Cache Attacks without Deduplication?
- Cache attacks are old [Hu92]
- General technique: Prime+Probe [OST06]:
  1. Prime (instead of Flush) desired memory lines: fill monitored cache lines with data, making an eviction set
  2. Wait for some time
  3. Probe (instead of Reload) memory lines: read eviction set data and time read
- Problems:
  - Usually only applied on L1-Cache: not cross-core
  - L3-Cache is too large (25MB vs 64kB) and cannot be controlled by spy
[Hu92] Hu, W.-M. (Digital Equipment Corp., Littleton, MA, USA) Lattice scheduling and covert channels. IEEE Oakland 92
[OST06] DA Osvik, A Shamir, E Tromer. Cache attacks and countermeasures: the case of AES. CT-RSA 2006

Classic: Prime+Probe in L1 Cache
- Eviction set fills one cache set (dummy data)
- Intel: L1$ is virtually indexed and physically tagged: attacker controls/knows set number
- Eviction set is easily constructed
- Not true for LLC: set index is part of virtual address
[Figure: address split into cache tag, set and byte fields]

Prime+Probe in LLC
- How to gain control over LLC? Huge memory pages!
- 2 MB pages instead of 4 KB
- Offset becomes 21 bits
- Eviction set for L3$ can be constructed

LLC Prime+Probe on AES
- Same target as before (single line of T-table)
- Preparation: Need to locate T-table in LLC
- Test setup 1: Intel i5-650, 2 cores, Xen and VMware + Ubuntu 12.04
- Test setup 2: Intel E5-2640, 8 cores, VMware + Ubuntu 14.04
[IES15] Irazoqui, G., Eisenbarth, T., & Sunar, B. S$A: A shared cache attack that works across cores and defies VM sandboxing and Its application to AES. 36th IEEE Symposium on Security and Privacy (S&P 2015)
[LY+15] Liu, F., Yarom, Y., Ge, Q., Heiser, G., & Lee, R. B. (2015). Last-Level Cache Side-Channel Attacks are Practical. (S&P 2015).

Are Cross-VM Cache Attacks Realistic?
Cross-VM Flush+Reload Attack on AES works if:
- Server has a shared level of cache
- Attacker and the victim are physically co-located
- VMM implements memory deduplication

Outline
- Cloud Computing and Isolation
- Extracting Information from Co-located VM
- Attacking AES across VM Boundaries
- AES Attack #2: Without Deduplication
- A Practical RSA Key Recovery

Co-location
- First (and last) success in 2009 [RTSS09]:
  1. Launch many instances on cloud
  2. Check if any are co-located
  * In Sept 2008
- How to detect co-location?
  - Ping time?
  - IP address of instance or hypervisor?
  - Disk load?
[RTSS09] Ristenpart, T., Tromer, E., Shacham, H., and Savage, S. Hey, You, Get off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. ACM CCS '09

Test Setup
- AWS EC2 m2.medium instances:
  - Intel Xeon E5 2670 v2 CPU @2.5 GHz
  - 10 cores share 25 MB of L3 cache
  - Modified (hardened) Xen VMM
  - Up to 10 co-located instances (VMs)
- 4 accounts w/ 20 instances (no within-account co-location)
- Ping is constant time
- HDDs replaced with SSDs
- Dom0 IPs hidden
New co-location detection needed

Co-Location Attempt: LLC Cache Accesses
(+) Works reliably and we know how to do it
(+) Impossible* to block
(-) Requires slice recovery
(-) Noise?
Gives reliable co-location detection; ensures that cache attack will work
Alternative: Memory bus contention [XWW15, VZRS15]
[Figure: LLC noise by hour of day (EST), 00:00 to 00:00, for Friday, Monday, Tuesday and the average]
[XWW15] Xu, Z., Wang, H., and Wu, Z. A measurement study on co-residence threat inside the cloud. USENIX Security 15
[VZRS15] Varadarajan, V., Zhang, Y., Ristenpart, T., and Swift, M. A placement vulnerability study in multi-tenant public clouds. USENIX Security 15

Target Cryptosystem
- Libgcrypt 1.6.2's RSA implementation
  - RSA-CRT with 2048-bit modulus size
  - Sliding window exponentiation (5 bits)
  - Message blinding to prevent chosen ciphertext attacks
- Is this state-of-the-art?
  - Libgcrypt 1.6.3 (February 2015)
  - Table accesses now constant execution flow (no more cache games)
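
The countermeasure named above (table accesses with a constant execution flow), as an added C example that is not Libgcrypt's code or code from the talk: a secret-indexed lookup of a precomputed multiplicand beside one that reads the whole table and selects with a mask. The function names, the 32-limb entry size and the filler table are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define LIMBS   32   /* one 2048-bit multiplicand as 64-bit limbs (assumed size) */
#define ENTRIES 16   /* odd powers kept for a 5-bit sliding window: 2^(5-1) */

/* Before: the secret window value selects which entry, and therefore which
 * cache lines, are read. A cache observer sees exactly this access pattern. */
void lookup_indexed(uint64_t out[LIMBS], const uint64_t *table, size_t secret_idx)
{
    memcpy(out, table + secret_idx * LIMBS, LIMBS * sizeof(uint64_t));
}

/* All-ones when a == b, zero otherwise, computed without a branch. */
uint64_t ct_eq_mask(uint64_t a, uint64_t b)
{
    uint64_t x = a ^ b;                          /* 0 iff equal */
    return ((x | ((uint64_t)0 - x)) >> 63) - 1;  /* top bit set iff x != 0 */
}

/* After: every entry is read in full on every call and the wanted one is
 * kept with a mask, so the touched cache lines and the control flow do not
 * depend on secret_idx. */
void lookup_constant(uint64_t out[LIMBS], const uint64_t *table, size_t secret_idx)
{
    memset(out, 0, LIMBS * sizeof(uint64_t));
    for (size_t i = 0; i < ENTRIES; i++) {
        uint64_t mask = ct_eq_mask(i, secret_idx);
        for (size_t j = 0; j < LIMBS; j++)
            out[j] |= table[i * LIMBS + j] & mask;
    }
}

/* Self-check on a constructed table: both lookups must return the same
 * entry for every index. Returns 1 on success, 0 on mismatch. */
int lookups_agree(void)
{
    static uint64_t table[ENTRIES * LIMBS];
    uint64_t a[LIMBS], b[LIMBS];
    for (size_t k = 0; k < ENTRIES * LIMBS; k++)
        table[k] = 0x9E3779B97F4A7C15ull * (k + 1);   /* constructed filler */
    for (size_t i = 0; i < ENTRIES; i++) {
        lookup_indexed(a, table, i);
        lookup_constant(b, table, i);
        if (memcmp(a, b, sizeof a) != 0)
            return 0;
    }
    return 1;
}
```

The property has to hold in the generated machine code, not only in the source: an optimizer is free to reintroduce a branch or an early exit, so inspect the compiled output for the build flags actually shipped.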

Attack on RSA-CRT Sliding Window
1. Find cache trace of sliding window multiplicands
2. Observe several exponentiations to reduce noise
3. Align observations to reduce noise
4. Run error correcting key recovery to fix errors introduced by noise

Identifying a Correct Cache Line
- 10x2048 cache lines
- Source code reveals approximate position
- Search through remaining choices
- Once found, repeat observations
[Figure: three plots of reload time vs. timeslot; annotations mark Decryption Start, First Secret Exponent (dp) and Second Secret Exponent (dq)]

[Figure: Raw Traces]

[Figure: After Alignment (x-axis: timeslot)]

After Processing and Alignment
Correct (red) vs recovered (blue): little remaining noise

Final key recovery?
- Distance to table initialization reveals multiplicand value
- d must be recovered from noisy dp and dq
- More details in: http://eprint.iacr.org/2015/898

Conclusion
- Co-Location Problem can be solved in Public Clouds
- Caches provide a powerful side channel in the Cloud
  - Deduplication makes exploitation very simple
  - Smart Prime+Probe works w/out Deduplication
- Key Recovery in Public Clouds is possible!
- Countermeasures still open problem:
  - Many proposed, but cost overhead prohibitive?
  - For Crypto Libraries: Recent patches of well-maintained libraries are secure

Thank you! vernam.wpi.edu teisenbarth@wpi.edu