Wednesday, 8 June 2016

Bulk Key Recovery on the Cloud

Cloud computing has many advantages so it's not surprising that it has become so popular with the even the biggest online services using cloud providers for their infrastructure.  However, many in security have pointed out that the "cloud" could perhaps also be termed "somebody else's computer", which immediately rings alarm bells from a security perspective.  Hidden in there is a fact that has been troubling researchers for some years: cloud computing means shared computing so you are using the same hardware as others running their systems.

Back in 2009 researchers began publishing work that seemed to show that it was possible for data to "leak" from one system to another when using shared hardware.  Papers such as these particularly highlighted the dangers of shared cache memory.  Side channel attacks were described in papers such as "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds" that showed just how data could be exfiltrated  from a system by an attacking systems that was co-resident on the same hardware. 

Not surprising then that efforts were made by those producing the virtualisation technologies to stop such side channel attacks.  One of the many steps those employing the cloud took was to ensure that data was encrypted.  Thus if someone was able to purloin the data it would be relatively useless.  Of course, this doesn't help when the data is in its unencrypted form and being processed. Hence, we have seen a major push in the research of homomorphic encryption schemes that keep data encrypted throughout the processing cycle.  We are some way from fully homomorphic schemes but progress is being made.

Despite the improvements in the technology there has been a niggling fear that the keys that keep any encrypted data secure could themselves leak.  Then in 2015 a group rom Worcester Polytechnic Institute of Technology published a paper entitled "Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud" which described how crypto keys could be recovered between virtual machines sharing hardware.  The methods demonstrated had some limitations and so, many simply dismissed it as an interesting academic exercise with limited real application to the security of cloud based systems.

Well, guess what?  Those same researchers didn't give up and have just released a follow up paper entitled "Cache Attacks Enable Bulk Key Recovery on the Cloud".  They found that 55% of systems running on cloud platforms were running cryptographic libraries for which the key could be recovered where cache was shared.  They were able to demonstrate that RSA keys would be recovered in bulk.  They randomly created virtual machines and using cross-VM cache attacks the recovered public keys which they could check against public keys in public key database. They showed how to eliminate noise in the private keys and hence recover them, and by knowing the owner of the public key counterpart they could the identity of the owner of the recovered key.

If are involved in running any systems on cloud platforms I would urge you to take notice of this work.  It is not a complete disaster but you do need to take steps to protect yourself. 

Why is it not a disaster?  Well, the attacks do rely upon some flaws in some crypto libraries.  That is why they found "only" 55% of systems were vulnerable.  The trick of course is to find out if the library you use, or the version of the library you use, is vulnerable to this type of attack, and to rectify the situation.

I shall leave that as an exercise for the reader.