DOI: 10.5555/2671225.2671270

Preventing cryptographic key leakage in cloud virtual machines

Published: 20 August 2014

Abstract

In a typical infrastructure-as-a-service (IaaS) cloud, different clients use the provider's resources by running virtual machines (VMs). Recent studies have shown, however, that cryptographic keys, the most crucial component of many cryptographic protocols in everyday use (e.g., SSL/TLS), can be extracted through cross-VM side-channel attacks. To defeat this threat, this paper introduces HERMES, a new system that protects cryptographic keys in the cloud against cross-VM side-channel attacks of any kind by partitioning each key into random shares and storing each share in a different VM. HERMES also re-shares the keys periodically, thereby invalidating any partial shares an attacker may already have extracted. We have implemented HERMES as a library extension that is transparent to the application software, and performed in-depth case studies with a web server and a mail server on the Amazon EC2 cloud. Our experimental results show that the runtime overhead of the proposed system can be as low as 1%.
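The sharing and periodic re-sharing idea described in the abstract, as an added illustration that is not HERMES's own code (the page gives no protocol details, and the paper's actual scheme may differ): an RSA private exponent is split into additive shares over the integers, each holder computes a partial signature with only its own share, the partial results are multiplied together, and a zero-sum refresh replaces the shares without changing the key, so a share captured before the refresh is useless afterwards. The toy primes, the message and the share count are constructed for the example, and a Python list stands in for the separate VMs. Sharing over the integers rather than modulo phi(N) is a deliberate choice: a share holder that knew phi(N) could factor N.

```python
import secrets

# Constructed toy RSA key (two ~30-bit primes): far too small for real use,
# chosen only so the arithmetic is easy to follow.
P = 1000000007
Q = 998244353
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)          # private exponent; the secret we want to protect

# Shares are drawn from a range much larger than D so that any k-1 of them
# reveal nothing useful about D (statistical hiding over the integers).
SHARE_BITS = N.bit_length() + 64


def split_key(d: int, k: int) -> list[int]:
    """Additive secret sharing: k integers whose exact sum is d."""
    shares = [secrets.randbits(SHARE_BITS) for _ in range(k - 1)]
    shares.append(d - sum(shares))   # last share may be negative; that is fine
    return shares


def reshare(shares: list[int]) -> list[int]:
    """Proactive refresh: add a random zero-sum vector. The sum (and thus the
    key) is unchanged, but the new shares are independent of the old ones."""
    deltas = [secrets.randbits(SHARE_BITS) for _ in range(len(shares) - 1)]
    deltas.append(-sum(deltas))
    return [s + t for s, t in zip(shares, deltas)]


def partial_sign(share: int, m: int, n: int) -> int:
    """m^share mod n, computed by the holder of this share alone."""
    if share >= 0:
        return pow(m, share, n)
    # negative share: m^-x = (m^x)^-1 mod n, valid because gcd(m, n) = 1
    return pow(pow(m, -share, n), -1, n)


def combine(partials: list[int], n: int) -> int:
    """Multiply the partial results: prod m^{s_i} = m^{sum s_i} = m^d mod n."""
    out = 1
    for p in partials:
        out = out * p % n
    return out


def sign_with_shares(shares: list[int], m: int) -> int:
    """Each 'VM' signs with its own share; no party ever reassembles D."""
    return combine([partial_sign(s, m, N) for s in shares], N)


def demo() -> dict:
    m = 123456789                        # constructed message, 0 < m < N
    expected = pow(m, D, N)              # what a single-VM key would produce
    shares = split_key(D, 3)
    sig = sign_with_shares(shares, m)
    fresh = reshare(shares)
    sig_fresh = sign_with_shares(fresh, m)
    # An attacker who extracted shares[0] before the refresh cannot combine it
    # with the refreshed shares held by the other VMs.
    stale_mix = sign_with_shares([shares[0]] + fresh[1:], m)
    return {
        "correct": sig == expected and pow(sig, E, N) == m,
        "refresh_correct": sig_fresh == expected,
        "stale_share_useless": stale_mix != expected,
    }


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner should keep in mind: the combiner still sees the final signature (which is public anyway), and the scheme above is additive, not threshold, so every share holder must be available; the threshold variants cited by the paper relax that.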


Published In
SEC'14: Proceedings of the 23rd USENIX conference on Security Symposium
August 2014
1067 pages
ISBN: 9781931971157
Program Chair: Kevin Fu

Sponsors

• Akamai
• Google Inc.
• IBM Research
• NSF
• Microsoft Research
• USENIX Association

Publisher

USENIX Association, United States

Cited By

• (2019) SpyDetector. International Journal of Information Security 18(4), 393-422. doi:10.1007/s10207-018-0411-7
• (2018) Fidelius Charm. Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, pp. 248-255. doi:10.1145/3176258.3176330
• (2015) Nomad. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1595-1606. doi:10.1145/2810103.2813706
• (2015) The State of Public Infrastructure-as-a-Service Cloud Security. ACM Computing Surveys 47(4), 1-31. doi:10.1145/2767181
