A Different approach to Cross-VM Side Channel Exploitation
Twitter was abuzz last week with this paper published by university researchers and RSA titled “Cross-VM Side Channels and Their Use to Extract Private Keys.” Ars Technica gives a good summary here: “Virtual machine used to steal crypto keys from other VM on same server.”
This isn’t new thinking; crypto people have assumed that this would be possible at some point or another. I’m a little surprised that it took this long for someone to put together and demonstrate the actual attack. Intel gave a talk about this at the 2008 toorcon [slides].
Side-channel attacks are sneaky and often involve timing an operation you can’t see and making inferences about what is happening inside. This particular approach looked at the way that cache memory was shaped by cohosted virtual machines doing private key operations. In their conclusion, the authors summarize the situation.
“The use of virtualization to isolate a computation from malicious ones that co-reside with it is growing increasingly pervasive. This trend has been facilitated by the failure of today’s operating systems to provide adequate isolation, the emergence of commodity VMMs offering good performance.”
So what is to be done? Abandon virtualization?
F5 has an interesting technology called virtual-clustered-multiprocessing (vCMP) which is a hybrid of virtualization and our own high-performance network and crypto hardware. It gets a lot of interest because it occupies an intersection of competing interests: people want virtualization but they can’t stand the idea of losing performance. vCMP is basically dozens of virtual machines hosting F5 software inside our flagship VIPRION chassis.
One of things we did with it (and this wasn’t easy) was to figure out how to off load SSL crypto operations from each virtual machine guest to the underlying crypto hardware. This means that a typical side channel attack, especially a timing attack, will fail because all operations take a constant time and are done outside the virtual machines.
This is one of the reasons that vCMP gets so much interest – it’s unlike anything out there: virtualization and performance and security. Boom!
For more information, I’m adding links to the vCMP white-papers in the Related Posts section below.