
Who stole RSA encryption keys in Amazon cloud?

Researchers are raising new questions about the security of all multi-tenant cloud environments secured by RSA encryption keys

Sonal Desai

MUMBAI, INDIA: Even as Amazon is in the final stages of preparations for Amazon Web Services' re:Invent conference, researchers in Massachusetts have started raising new questions about the security of all multi-tenant cloud environments.


According to Network World, the WPI researchers used a side-channel attack, which lets an attacker glean information from other tenants whose virtual machines run on the same physical server.

Executing the attack is no simple matter, however. It involves spinning up a virtual machine in AWS's cloud (although the technique could work in any virtualized environment) and running a test to see whether other VMs on the same physical host are using a particular library, Libgcrypt, for their RSA private-key operations (RSA the public-key algorithm, not the commercial RSA Security product).

Once the researchers had identified a vulnerable library, they used a cross-VM Prime and Probe technique on the last-level cache that all VMs on the Intel processor share: the attacker fills ("primes") cache sets with its own data, waits, and then measures ("probes") which of those sets the victim evicted, which reveals which code and data the victim touched. From the large volume of noisy measurements this produces, the researchers were able to deduce the victim's secret key, Network World reported.
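The leak that Prime and Probe exploits can be seen in a few lines without any cache timing. The Python below is an added example, not the WPI researchers' code or Libgcrypt's: a textbook square-and-multiply exponentiation is instrumented to record which routine each step touched (standing in for the cache lines a real probe would watch), that record is observed through a simulated noisy probe, and the exponent is recovered by majority vote over repeated runs. The observation model, the independent per-bit noise, the 10% error rate and the constructed 64-bit exponent are all assumptions; the real attack against Libgcrypt's windowed exponentiation had to align and denoise actual cache measurements and was considerably harder.

```python
"""Added illustration (not the WPI paper's code or Libgcrypt's): why an
exponentiation's memory-access pattern leaks the private exponent, and how
repeated noisy observations are combined to recover it.

The real Prime+Probe measurement on the shared last-level cache is replaced
by a simulated probe that reports, per exponent bit, whether the multiply
routine's cache lines were touched. Assumptions: a textbook square-and-
multiply target (Libgcrypt itself used windowed exponentiation), perfect
alignment of observations to bits, and independent per-bit noise.
"""
import random


def square_and_multiply(base, exponent, modulus, trace):
    """Left-to-right binary exponentiation, instrumented like a victim.

    Every squaring appends 'S' and every multiplication appends 'M' to
    `trace`, modelling the fact that the two routines (and their operand
    tables) occupy different cache lines, so a co-located prober can tell
    which one just ran. A '1' bit costs an extra multiply: that is the leak.
    """
    result = 1
    for bit in bin(exponent)[2:]:
        result = (result * result) % modulus
        trace.append('S')
        if bit == '1':
            result = (result * base) % modulus
            trace.append('M')
    return result


def decode_trace(trace):
    """Turn an S/M access sequence back into exponent bits.

    Each 'S' starts a new bit; an 'M' immediately after it means that bit
    was 1. Squarings give the attacker the alignment for free.
    """
    bits = []
    for i, sym in enumerate(trace):
        if sym == 'S':
            followed_by_mult = i + 1 < len(trace) and trace[i + 1] == 'M'
            bits.append(1 if followed_by_mult else 0)
    return bits


def noisy_observation(bits, rng, flip=0.1):
    """One simulated Prime+Probe run: each per-bit reading is wrong with
    probability `flip` (a missed eviction or a spurious hit from noise)."""
    return [b ^ 1 if rng.random() < flip else b for b in bits]


def recover_exponent(observations):
    """Majority-vote every bit position across runs, then rebuild the integer.

    With independent errors the wrong value wins a vote only if more than
    half of the runs got that bit wrong, which becomes negligible after a
    few dozen runs even at a 10% per-bit error rate.
    """
    runs = len(observations)
    width = len(observations[0])
    bits = []
    for i in range(width):
        ones = sum(obs[i] for obs in observations)
        bits.append(1 if ones * 2 > runs else 0)
    return int(''.join(str(b) for b in bits), 2)


def demo(seed=1, runs=31, flip=0.1):
    """Pick a constructed 64-bit secret exponent, leak it through the trace,
    observe it `runs` times with noise, and return
    (secret, recovered, wrong_bits_in_the_first_run_alone)."""
    rng = random.Random(seed)
    modulus = (1 << 61) - 1                     # a Mersenne prime; any modulus works
    secret = rng.getrandbits(64) | (1 << 63)    # constructed secret, top bit set
    trace = []
    square_and_multiply(3, secret, modulus, trace)
    true_bits = decode_trace(trace)
    observations = [noisy_observation(true_bits, rng, flip) for _ in range(runs)]
    single_run_errors = sum(a != b for a, b in zip(true_bits, observations[0]))
    return secret, recover_exponent(observations), single_run_errors


if __name__ == "__main__":
    secret, recovered, errs = demo()
    print(f"secret    = {secret:#018x}")
    print(f"recovered = {recovered:#018x}  (one noisy run alone had {errs} wrong bits)")
    print("match" if secret == recovered else "mismatch")
```

Run it directly to see the secret, the recovered value and how many bits a single noisy run got wrong. The point is that the attacker does not need one clean measurement, only enough noisy ones to out-vote the noise, which is why the defence is a library that performs the same memory accesses regardless of the key rather than an attempt to add more noise.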


In a paper titled "Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud", a group of researchers at Worcester Polytechnic Institute described a proof-of-concept recovery of secret cryptographic keys used inside an AWS virtual machine.

The now-patched flaw, which was not specific to AWS, showed that an attacker could in principle recover a user's secret keys, the very keys used to protect sensitive data.

Network World, which first published the report, quoted security experts who said that the risk of this specific attack being used is quite low because the vulnerable encryption library has been patched. But, they cautioned, it does call into question security best practices in multi-tenant cloud environments.


"Although a difficult attack to carry out, this further highlights the fact that secret keys are vulnerable, wherever they may be. They are even more vulnerable in cloud and virtualized environments where you have less direct control. This specific attack may be prevented by appropriate patching, as its 2009 predecessor was. However, the type of attack is almost impossible to completely prevent," Network World quoted Yehuda Lindell, Chief Scientist and co-founder, Dyadic.

The biggest concern raised by this attack is perhaps the viability of multi-tenant clouds for very sensitive workloads. Users who are concerned about that but want to stay within AWS's cloud can pay extra for Dedicated Instances, which AWS says run on hardware dedicated to a single customer and physically isolated at the host level. Standard Elastic Compute Cloud (EC2) instances, by contrast, share a physical host with other customers' virtual machines.

AWS also offers CloudHSM, a dedicated Hardware Security Module (HSM) hosted in AWS data centres, in which customers store their keys so that private-key operations happen inside tamper-resistant hardware rather than in a VM's memory. There are other options for customers too, including colocation or managed hosting providers that give customers entire physical servers instead of virtualized ones.


Then, of course, there are a variety of security products on the market targeting this issue. Dyadic, where Lindell is chief scientist, has developed a way to split a key into shares held on multiple hosts, so that no single VM ever holds the whole key.

However, AWS said that the research does not demonstrate a real-world vulnerability in Amazon EC2. "AWS customer RSA keys are not at risk of exposure using the techniques described in the report, which represents an academic exercise on Amazon EC2 that required attacker and victim pre-coordination, the use of outdated, vulnerable third-party software, and the repeated unrealistic execution of a specific routine in order to be successful.

"Still, we can appreciate how this research highlights the topic of possible information extraction from shared caches in commercial off-the-shelf processors, so that this subject can be addressed through collaborative efforts with industry partners. We regularly assess even the most unlikely of scenarios to advance AWS security and, in turn, the security of AWS customers, and we welcome independent input to help in that effort. We recommend that customers continue to follow security best practices and encourage the reporting of any AWS security concerns to AWS Security via aws-security@amazon.com," AWS said in a statement quoted by Network World.
