52ky 发表于 2021-6-28 12:57:12

Cross-VM Side Channels and Their Use to Extract Private Keys


本文详细介绍了访问驱动侧信道攻击的构建,恶意虚拟机 (VM) 通过该攻击从运行在同一台物理计算机上的受害虚拟机中提取细粒度信息。 这种攻击是第一次在使用现代 VMM (Xen) 虚拟化的对称多处理系统上演示的此类攻击。 此类系统如今非常普遍,从使用虚拟化的桌面到沙盒应用程序或操作系统妥协,再到将相互不信任的客户的工作负载放在一起的云。 构建这样的侧信道需要克服包括核心迁移、信道噪声的众多来源以及以足够的频率抢占受害者以从中提取细粒度信息的困难等挑战。 本文解决了这些挑战,并通过使用最新版本的 libgcrypt 加密库从受害者身上提取 ElGamal 解密密钥,在实验室环境中演示了攻击。

(This paper details the construction of an access-driven side-channel attack by which a malicious virtual machine(VM) extracts fine-grained information from a victim VM running on the same physical computer. This attack is the first such attack demonstrated on a symmetric multiprocessing system virtualized using a modern VMM (Xen). Such systems are very common today, ranging from desktops that use virtualization to sandbox application or OS compromises, to clouds that co-locate the workloads of mutually distrustful customers. Constructing such a side-channel requires overcoming challenges including core migration, numerous sources of channel noise, and the difficulty of preempting the victim with sufficient frequency to extract fine-grained information from it. This paper addresses these challenges and demonstrates the attack in a lab setting by extracting an ElGamal decryption key from a victim using the most recent version of the libgcrypt cryptographic library.)


页: [1]
查看完整版本: Cross-VM Side Channels and Their Use to Extract Private Keys