The Cloud Security Alliance released its Top Nine Cloud Computing Threats in 2013 which placed data breaches as the number one threat to cloud computing.
- Data Breaches
- Data Loss
- Account Hijacking
- Insecure APIs
- Denial of Service
- Malicious Insiders
- Abuse of Cloud Services
- Insufficient Due Diligence
- Shared Technology Issues
During today’s lab seminar one of the Ph.D students, Bruce Ndibanje, presented an example of a cloud databreach; Matthew Green’s article on Side-Channel attacks (SCAs) of cloud-based virtual machines(VMs). This was really interesting because SCAs have been traditionally performed on dedicated hardware cryptomodules such as smart cards and embedded systems. The researchers successfully performed the attack on the El-Gamal cipher running on the Xen VMM, which is the software Amazon uses in its EC2 offering.
Despite their proof of concept, they acknowledged that this attack is unlikely to be a threat in practice due to several reasons:
- Finding the right VM on the right server: how would you map which VMs are running crypto operations on a particular host?
- Noise & Control: How would ensure that the VM remains running on the same core and same server? many different VMs can run on the same server and VMs can be switched between different cores at anytime.
- Difficulty of monitoring multiple executions: they used machine learning techniques to identify which of the possible instruction sequences can be associated with the target data.
- Perfect conditions: the proposed method works only with two VMs and requires training on the target hardware. Furthermore you need to be able to access what’s on the L1 cache, something that could be restricted by some IaaS/PaaS providers. Lastly, people would need to be convinced to do their encryption on the cloud.
Even if you do manage to exploit your way to hardware level access, why would you only use those privileges to perform a SCA attack? Unless the government is running their intelligence through cloud servers, is there really anything worth the effort of carrying out this attack?
Wouldn’t it be more exciting to just knock out the entire cloud?
Cross-VM Side Channels and Their Use to Extract Private Keys – http://www.cs.unc.edu/~reiter/papers/2012/CCS.pdf
Virtual machine used to steal crypto keys from other VM on same server – http://arstechnica.com/security/2012/11/crypto-keys-stolen-from-virtual-machine/