Cloud computing services are more popular than ever thanks to their ease of access, low cost and real-time scalability. With increasing adoption of cloud services, concerns over cloud-specific attacks have been rising, and so has the number of research studies exploring potential security risks in the cloud domain.
A team of researchers at Worcester Polytechnic Institute has developed a technique that lets an attacker with an ordinary Amazon Elastic Compute Cloud (EC2) account recover the cryptographic keys of other AWS users whose instances run on the same physical host.
Describing their technique in a paper titled ‘Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud’, the researchers showed how they used one Amazon EC2 instance to recover a 2,048-bit RSA private key from a separate, co-located EC2 instance.
They wrote:
[This work presents a full key recovery attack on a modern implementation of RSA in a commercial cloud and explores all steps necessary to perform such an attack. In particular, the work first revisits the co-location problem. Our experiments show that the co-location techniques presented in [2009] have been addressed by AWS and no longer are a significant indicator for co-location. In addition, we present new techniques that show that co-location is still detectable in 2015 by using other shared resources such as LLCs. Once co-located, we exploit the LLC to recover the secret key of a modern sliding-window exponentiation based implementation of RSA, across cores and without relying on deduplication. We expand beyond the techniques presented in [two papers published earlier this year] and show that a detailed study of the LLC structure of the targeted processor yields a much more efficient attack. In particular, we reverse engineer the LLC non-linear slice selection algorithm of Intel Xeon E5-2670 v2 chipset, which is dominant on Amazon EC2. Finally, we present several techniques necessary for a cache attack to succeed in a public cloud. Most notably, we present methods to filter noise from the observed leakage at two levels: (i) by using an alignment filter to reduce temporal noise introduced by co-residing processes and the OS, (ii) by rejecting false detections using a threshold technique on the aligned traces. Finally we present an error correction algorithm that exploits dependencies between the public key and the observed private key to remove remaining errors and to recover error free RSA keys.]
The paper concludes that cross-VM leakage is present in public clouds and can become a practical attack vector both for co-location detection and for data theft. Two details matter for anyone assessing exposure: the leak is read from the last-level cache, so it crosses cores, and it does not rely on memory deduplication, so disabling deduplication alone does not close it. Users therefore have a responsibility to run up-to-date cryptographic software for their critical operations, since the attack targets the timing behaviour of a specific sliding-window exponentiation implementation. Cloud providers' placement policies also need revisiting to diminish an attacker's ability to co-locate with a targeted user, and smarter cache management policies are needed at both the hardware and software levels to close side-channel leakage and prevent future exploits.
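The error-correction step the abstract mentions, using the relationship between the public key and the recovered private exponent to weed out remaining errors, can be made concrete with the following added example. It is not code from the paper or from the WPI team. It assumes a constructed toy key (two well-known field primes stand in for the RSA factors), a constructed noise model in which the trace filter has flagged a set of low-confidence bit positions of the CRT exponent d_p, and the Fermat-based check a^(e·d_p) ≡ a (mod p), so that the public modulus N itself selects the right candidate. Every function and variable name in it is the example's own.

```python
"""Using the public key to correct a noisy side-channel read of an RSA CRT exponent.

Added example, not code from the paper or the WPI team. The toy key and the
noise model are constructed here so the script runs offline.
"""
from itertools import product
from math import gcd

# Constructed toy key: two well-known field primes (Curve25519's and P-192's)
# stand in for the factors of a real RSA modulus. Both p-1 and q-1 are coprime
# to e = 65537, so the CRT exponents exist.
P = 2**255 - 19
Q = 2**192 - 2**64 - 1
N = P * Q
E = 65537
D_P = pow(E, -1, P - 1)   # CRT exponent for the mod-p half of decryption
D_Q = pow(E, -1, Q - 1)   # mod-q half; not attacked here, shown for completeness


def consistent_with_public_key(dp_candidate: int, n: int, e: int) -> int:
    """Return a non-trivial factor of n if dp_candidate is a valid CRT exponent, else 0.

    A correct d_p satisfies e*d_p == 1 (mod p-1), so by Fermat's little theorem
    a**(e*d_p) == a (mod p) for any a. The same congruence fails mod q except
    with negligible probability, so gcd(a**(e*d_p) - a, n) == p. A wrong
    candidate normally gives gcd 1; a chance hit still hands us the factor.
    """
    a = 3
    g = gcd(pow(a, e * dp_candidate, n) - a, n)
    return g if 1 < g < n else 0


def recover_from_noisy_dp(observed_dp: int, uncertain_bits, n: int, e: int):
    """Enumerate every assignment of the uncertain bit positions; keep the one N accepts.

    uncertain_bits: indices the trace filter flagged as low-confidence (the
    paper's alignment/threshold filtering plays that role; here it is assumed).
    Returns (p, q, d_p) on success, or None if no assignment verifies, which
    means an error sits outside the flagged positions and the trace must be
    re-taken.
    """
    positions = sorted(uncertain_bits)
    mask = 0
    for b in positions:
        mask |= 1 << b
    base = observed_dp & ~mask                # certain bits kept, uncertain ones cleared
    for assignment in product((0, 1), repeat=len(positions)):
        cand = base
        for bit, value in zip(positions, assignment):
            cand |= value << bit
        p = consistent_with_public_key(cand, n, e)
        if p:
            q = n // p
            # Recompute d_p from the recovered factor rather than trusting the
            # candidate: a chance false positive still yields the right key.
            return p, q, pow(e, -1, p - 1)
    return None


def simulate_observation(true_dp: int, flipped_bits) -> int:
    """Constructed noise model: the side channel misreads the given bit positions."""
    observed = true_dp
    for b in flipped_bits:
        observed ^= 1 << b
    return observed


if __name__ == "__main__":
    flipped = {7, 130, 201}                    # bits the channel got wrong
    uncertain = {7, 42, 130, 201, 222, 250}    # filter flags a superset of them
    observed = simulate_observation(D_P, flipped)
    result = recover_from_noisy_dp(observed, uncertain, N, E)
    print("recovered p == P:", result is not None and result[0] == P)
    print("recovered d_p == D_P:", result is not None and result[2] == D_P)
    # An error the filter did not flag cannot be corrected by enumeration:
    print("miss outside flagged set:", recover_from_noisy_dp(observed, uncertain - {130}, N, E))
```

The check costs one modular exponentiation and one gcd per candidate, which is what makes enumerating the uncertain positions viable: the attacker never needs a clean trace, only one whose low-confidence positions are few enough to brute-force. Because d_p is recomputed from the recovered factor p, even a chance false positive in the Fermat test produces the correct key rather than a wrong one.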
The vulnerabilities have now been patched, according to Amazon Web Services. The company, however, describes the attack as a complex one that would work only under certain extremely rare, pre-existing conditions involving outdated third-party software.

