Update Amazon has patched a vulnerability that could have let users to steal the RSA keys of other co-located customers.
The complex attack - getting to CPU code cache isn't trivial - would, if successful, give an attacker a whole 2048-bit key used in other Elastic Compute Cloud instances.
Worcester Polytechnic Institute researchers reported the flaw to Amazon and described the work in the Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud [pdf].
They say their "full-fledged" attack which exploits new subtle leaks and attack vectors and is further reminder of the need to better isolate cloud instances.
"We present a full-fledged attack that exploits subtle leakages to recover RSA decryption keys from a colocated instance. We target a recently patched Libgcrypt RSA implementation by mounting Cross-VM Prime and Probe cache attacks pdf in combination with other tests to detect co-location in Amazon EC2.
In a preparatory step, we reverse engineer the unpublished nonlinear slice selection function for the 10 core Intel Xeon processor which significantly accelerates our attack (this chipset is used in Amazon EC2).
After co-location is detected and verified, we perform the Prime and Probe attack to recover noisy keys from a carefully monitored Amazon EC2 VM running the aforementioned vulnerable libgcrypt library. We subsequently process the noisy data and obtain the complete 2048-bit RSA key used during encryption."
Their last level cache (LLC) attacks are a new and more effective vector over those preceding it that Amazon had since shut down.
The prime and probe attack applied to the LLC is two pronged; a prime stage whereby attackers dump data into the LLC and wait for a victim to access it and a probe stage.
The latter involves attackers reloading the data and checking to see if a line is absent and stored in memory which indicates that it has been accessed.
Researchers say cross virtual machine leaking on public and private clouds means advanced isolation techniques and resource sharing still pose security risks.
"The cross-VM leakage is present in public clouds and can become a practical attack vector for both co-location detection and data theft," they say.
"Therefore, users have a responsibility to use latest improved software for their critical cryptographic operations."
Public cloud providers should enact placement policies for public cloud to reduce the attack vectors, and use smarter cache management policies at hardware and software levels. ®
Update, October 6th: AWS has been in touch to tell us the following, through a not-to-be-named spokesperson:
"This research does not demonstrate a real-world vulnerability in Amazon EC2."
"AWS customer RSA keys are not at risk of exposure using the techniques described in the report, which represents an academic exercise on Amazon EC2 that required attacker and victim pre-coordination, the use of outdated, vulnerable third party software, and the repeated unrealistic execution of a specific routine in order to be successful."
"Still, we can appreciate how this research highlights the topic of possible information extraction from shared caches in commercial off-the-shelf processors, so that this subject can be addressed through collaborative efforts with industry partners."