Abstract
The isolation among physically co-located virtual machines is an important prerequisite for ensuring the security in a virtualized environment (VE). The VE should prevent from exploitation of side-channels stemming from the usage of shared resources, being hardware or software. However, despite the presumed secure logical isolation, a possible information leakage beyond the boundaries of a virtual machine due to side-channel exploits is a key concern in the VE. Such exploits have been demonstrated in the academic world during the last years. This paper takes into consideration the side-channel attacks threat, and points out that the feasibility of a SCA strongly depends on the specific context of the execution environment. The paper proposes a framework for feasibility assessment of SCAs using cache-based exploits as an example scenario. Furthermore, we provide a proof of concept to show how the feasibility of cache-based SCAs can be assessed using the proposed approach.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side—channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)
Amazon Web Services: Amazon Virtual Private Cloud User Guide-Dedicated Instances (2014). http://awsdocs.s3.amazonaws.com/VPC/latest/vpc-ug.pdf
Anderson, R., Bond, M., Clulow, J., Skorobogatov, S.: Cryptographic processors-a survey. Proc. IEEE 94(2), 357–369 (2006)
Bauer, A., Jaulmes, E., Prouff, E., Wild, J.: Horizontal and vertical side-channel attacks against secure RSA implementations. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 1–17. Springer, Heidelberg (2013)
Carlier, V., Chabanne, H., Dottax, E., Pelletier, H.: Electromagnetic side channels of an FPGA implementation of AES. IACR Cryptology ePrint Archive, p. 145 (2004)
Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010)
Department of Defense: Trusted Computer System Evaluation Criteria. Technical report DoD 5200.28-STD, National Computer Security Center, Ft. Meade, MD 20755, also known as the “Orange Book”, December 1985
Figueiredo, R., Dinda, P.A., Fortes, J.: Guest editors’ introduction: resource virtualization renaissance. Computer 38(5), 28–31 (2005)
Genkin, D., Shamir, A., Tromer, E.: RSA key extraction via low-bandwidth acoustic cryptanalysis. Cryptology ePrint Archive, Report 2013/857 (2013). http://eprint.iacr.org/
Hlavacs, H., Treutner, T., Gelas, J.P., Lefevre, L., Orgerie, A.C.: Energy consumption side-channel attack at virtual machines in a cloud. In: International Conference on Cloud and Green Computing (CGC 2011) (2011)
Intel Corporation: Secure the enterprise with Intel AES-NI. http://www.intel.com/content/www/us/en/enterprise-security/enterprise-security-aes-ni-white-paper.html (2010). Last Accessed on 22 April 2014
Kim, T., Peinado, M., Mainar-Ruiz, G.: STEALTHMEM: system-level protection against cache-based side channel attacks in the cloud. In: USENIX Security Symposium, p. 11. USENIX Association (2012)
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Li, P., Gao, D., Reiter, M.K.: Mitigating access-driven timing channels in clouds using StopWatch. In: DSN, pp. 1–12. IEEE (2013)
Marty, M., Hill, M.: Virtual hierarchies to support server consolidation. SIGARCH Comput. Archit. News 35(2), 46–56 (2007)
Mell, P., Grance, T.: The NIST Definition of Cloud Computing. Technical report 800–145, National Institute of Standards and Technology (NIST), September 2009
Messerges, T., Dabbish, E., Sloan, R.: Investigations of power analysis attacks on smartcards. In: USENIX WOST, p. 17. USENIX Association (1999)
Mowery, K., Keelveedhi, S., Shacham, H.: Are AES x86 cache timing attacks still feasible? In: CCSW, pp. 19–24. ACM (2012)
Padala, P., Zhu, X., Wang, Z., Singhal, S., Shin, K.: Performance Evaluation of Virtualization Technologies for Server Consolidation. Technical report HPL-2007-59, HP Laboratories Palo Alto (2007)
Pearce, M., Zeadally, S., Hunt, R.: Virtualization: issues, security threats, and solutions. ACM Comput. Surv. 45(2), 17:1–17:39 (2013)
Percival, C.: Cache missing for fun and profit. In: The Technical BSC Conference (BSDCan) (2005)
Popek, G., Goldberg, R.: Formal requirements for virtualizable third generation architectures. Commun. ACM 17(7), 412–421 (1974)
Ratanpal, G.B., Williams, R., Blalock, T.: An on-chip signal suppression countermeasure to power analysis attacks. Dependable Secure Comput. 1(3), 179–189 (2004)
Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: CCS, pp. 199–212. ACM (2009)
Schneier, B.: Attack trees. Dr. Dobb’s J. 24(12), 21–29 (1999)
Song, D.X., Wagner, D., Tian, X.: Timing analysis of keystrokes and timing attacks on SSH. In: USENIX Security Symposium, p. 25. USENIX Association (2001)
Stefan, D., Buiras, P., Yang, E.Z., Levy, A., Terei, D., Russo, A., Mazières, D.: Eliminating cache-based timing attacks with instruction-based scheduling. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 718–735. Springer, Heidelberg (2013)
Tiri, K., Hwang, D., Hodjat, A., Lai, B., Yang, S., Schaumont, P., Verbauwhede, I.: A side-channel leakage free coprocessor IC in 0.18 \(\mu \)m CMOS for embedded AES-based cryptographic and biometric processing. In: Design Automation Conference, pp. 222–227, June 2005
Uddin, M., Rahman, A.A.: Server consolidation: an approach to make data centers energy efficient and green. Int. J. Eng. Sci. Res. 1 (2010)
Wu, Z., Xu, Z., Wang, H.: Whispers in the hyper-space: high-speed covert channel attacks in the cloud. In: USENIX Security Symposium, p. 9. USENIX Association (2012)
Xu, Y., Bailey, M., Jahanian, F., Joshi, K., Hiltunen, M., Schlichting, R.: An exploration of L2 cache covert channels in virtualized environments. In: CCSW, pp. 29–40. ACM (2011)
Yarom, Y., Falkner, K.: Flush+Reload: a high resolution, low noise, L3 cache side-channel attack. IACR Cryptology ePrint Archive (2013)
Zhang, Y., Juels, A., Reiter, M., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: CCS, pp. 305–316. ACM (2012)
Zhou, Y., DengGuo, F.: Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. Cryptology ePrint Archive, Report 2005/388 (2005)
Acknowledgements
Research supported by TU Darmstadt’s project LOEWE- CASED and the Deutsche Forschungsgemeinschaft Graduiertenkolleg 1362 - DFG GRK 1362.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Vateva-Gurova, T., Luna, J., Pellegrino, G., Suri, N. (2015). On the Feasibility of Side-Channel Attacks in a Virtualized Environment. In: Obaidat, M., Holzinger, A., Filipe, J. (eds) E-Business and Telecommunications. ICETE 2014. Communications in Computer and Information Science, vol 554. Springer, Cham. https://doi.org/10.1007/978-3-319-25915-4_17
Download citation
DOI: https://doi.org/10.1007/978-3-319-25915-4_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25914-7
Online ISBN: 978-3-319-25915-4
eBook Packages: Computer ScienceComputer Science (R0)