Gorka Irazoqui
ABSTRACT
In this work we show how the Lucky 13 attack can be resurrected in the cloud by gaining access to a virtual machine co-located with the target. Our version of the attack exploits distinguishable cache access times enabled by VM deduplication to detect dummy function calls that only happen in case of an incorrectly CBC-padded TLS packet. Thereby, we gain back a new covert channel not considered in the original paper that enables the Lucky 13 attack. In fact, the new side channel is significantly more accurate, thus yielding a much more effective attack. We briefly survey prominent cryptographic libraries for this vulnerability. The attack currently succeeds to compromise PolarSSL, GnuTLS and CyaSSL on deduplication enabled platforms while the Lucky 13 patches in OpenSSL, Mozilla NSS and MatrixSSL are immune to this vulnerability. We conclude that, any program that follows secret data dependent execution flow is exploitable by side-channel attacks as shown in (but not limited to) our version of the Lucky 13 attack.
- CyaSSL: Embedded SSL library WolfSSL. http://www.wolfssl.com/yaSSL/Home.html, May 2014.Google Scholar
- Kernel samepage merging. http://kernelnewbies.org/Linux_2_6_32#head-d3f32e41df508090810388a57efce73f52660ccb/, April 2014.Google Scholar
- MatrixSSL: Open source embedded SSL. May 2014.Google Scholar
- Acímez, O. Yet another microarchitectural attack: Exploiting i-cache. In Proceedings of the 2007 ACM Workshop on Computer Security Architecture (New York, NY, USA, 2007), CSAW '07, ACM, pp. 11--18. Google ScholarDigital Library
- AlFardan, N. J., Bernstein, D. J., Patterson, K. G., Poettering, B., and Schuldt, J. C. N. On the Security of RC4 in TLS. In 22nd USENIX Security Symposium (2013). Google ScholarDigital Library
- Arcangeli, A., Eidus, I., and Wright, C. Increasing memory density by using KSM. In Proceedings of the Linux symposium (2009), pp. 19--28.Google Scholar
- Bard, G. A challenging but feasible blockwise-adaptive chosen-plaintext attack on SSL. In SECRYPT (2006), pp. 99--109.Google Scholar
- Bard, G. V. The vulnerability of SSL to chosen plaintext attack. IACR Cryptology ePrint Archive 2004:111, 2004.Google Scholar
- Bardou, R., Focardi, R., Kawamoto, Y., Simionato, L., Steel, G., and Tsay, J.-K. Efficient padding oracle attacks on cryptographic hardware. In CRYPTO (2012), R. Safavi-Naini and R. Canetti, Eds., vol. 7417 of Lecture Notes in Computer Science, Springer, pp. 608--625.Google ScholarDigital Library
- Benger, N., van de Pol, J., Smart, N. P., and Yarom, Y. "ooh aah... just a little bit": A small amount of side channel can go a long way. In CHES (2014), pp. 75--92.Google ScholarDigital Library
- Bernstein, D. J. Cache-timing attacks on AES, 2004. URL: http://cr.yp.to/papers.html#cachetiming.Google Scholar
- Bonneau, J. Robust Final-Round Cache-Trace Attacks against AES.Google Scholar
- Bonneau, J., and Mironov, I. Cache-Collision Timing Attacks against AES. In Cryptographic Hardware and Embedded Systems - CHES 2006 (2006), vol. 4249 of Springer LNCS, Springer, pp. 201--215. Google ScholarDigital Library
- Chen Cai-Sen, Wang Tao, C. X.-C., and Ping, Z. An improved trace driven instruction cache timing attack on RSA. Cryptology ePrint Archive, Report 2011/557, 2011. http://eprint.iacr.org/.Google Scholar
- Duong, T., and Rizzo, J. Here come the XOR ninjas.Google Scholar
- Fardan, N. J. A., and Paterson, K. G. Lucky Thirteen: Breaking the TLS and DTLS Record Protocols. In Security and Privacy (SP), 2013 IEEE Symposium on (May 2013), pp. 526--540. Google ScholarDigital Library
- Goodin, D. Hackers break SSL encryption used by millions of sites. http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/, 2011.Google Scholar
- Gullasch, D., Bangerter, E., and Krenn, S. Cache Games - Bringing Access-Based Cache Attacks on AES to Practice. IEEE Symposium on Security and Privacy 0 (2011), 490--505. Google ScholarDigital Library
- Gullasch, D., Bangerter, E., and Krenn, S. Cache Games - Bringing Access-Based Cache Attacks on AES to Practice. In Proceedings of the 2011 IEEE Symposium on Security and Privacy (Washington, DC, USA, 2011), SP '11, IEEE Computer Society, pp. 490--505. Google ScholarDigital Library
- Hu, W.-M. Lattice scheduling and covert channels. In Proceedings of the 1992 IEEE Symposium on Security and Privacy (Washington, DC, USA, 1992), SP '92, IEEE Computer Society, pp. 52--. Google ScholarDigital Library
- Irazoqui, G., IncI, M. S., Eisenbarth, T., and Sunar, B. Fine grain Cross-VM Attacks on Xen and VMware are possible. preprint available at http://ecewp.ece.wpi.edu/wordpress/vernam/files/2014/04/main.pdf.Google Scholar
- Jones, M. T. Anatomy of Linux kernel shared memory. http://www.ibm.com/developerworks/linux/library/l-kernel-shared-memory/l-kernel-shared-memory-pdf.pdf/, April 2010.Google Scholar
- Kelsey, J., Schneier, B., Wagner, D., and Hall, C. Side channel cryptanalysis of product ciphers. In Computer Security - UESORICS 98. Springer, 1998, pp. 97--110. Google ScholarDigital Library
- Mavrogiannopoulos, N., and Josefsson, S. GnuTLS: The GnuTLS Transport Layer Security Library. May 2014.Google Scholar
- Moeller, B. Security of CBC ciphersuites in SSL/TLS: Problems and countermeasures. http://www.openssl.org/?bodo/tls-cbc.txt, April 2004.Google Scholar
- Mozilla. Mozilla NSS: Network security services. May 2014.Google Scholar
- Osvik, D. A., Shamir, A., and Tromer, E. Cache Attacks and Countermeasures: The Case of AES. In Proceedings of the 2006 The Cryptographers' Track at the RSA Conference on Topics in Cryptology (Berlin, Heidelberg, 2006), CT-RSA'06, Springer-Verlag, pp. 1--20. Google ScholarDigital Library
- Page, D. Theoretical Use of Cache Memory as a Cryptanalytic Side-Channel, 2002.Google Scholar
- Paterson, K. G., Ristenpart, T., and Shrimpton, T. Tag size does matter: Attacks and proofs for the TLS record protocol. In Advances in Cryptology - ASIACRYPT 2011. Springer Berlin Heidelberg, 2011, pp. 372--389. Google ScholarDigital Library
- PolarSSL. PolarSSL: Straightforward,secure communication. www.polarssl.org.Google Scholar
- Ristenpart, T., Tromer, E., Shacham, H., and Savage, S. Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM Conference on Computer and Communications Security (New York, NY, USA, 2009), CCS '09, ACM, pp. 199--212. Google ScholarDigital Library
- Rogaway, P. Problems with proposed IP cryptography. http://www.cs.ucdavis.edu/?rogaway/papers/draft-rogaway-ipsec-comments-00.txt, 1995.Google Scholar
- Suzaki, K., Iijima, K., Yagi, T., and Artho, C. Memory deduplication as a threat to the guest OS. In Proceedings of the Fourth European Workshop on System Security (2011), ACM, p. 1. Google ScholarDigital Library
- Suzaki, K., Iijima, K., Yagi, T., and Artho, C. Software side channel attack on memory deduplication. SOSP POSTER (2011).Google Scholar
- The OpenSSL Project. OpenSSL: The open source toolkit for SSL/TLS. www.openssl.org, April 2003.Google Scholar
- Tromer, E., Osvik, D., and Shamir, A. Efficient Cache Attacks on AES, and Countermeasures. Journal of Cryptology 23, 1 (2010), 37--71. Google ScholarDigital Library
- Tsunoo, Y., Saito, T., Suzaki, T., and Shigeri, M. Cryptanalysis of DES implemented on computers with cache. In Proc. of CHES 2003, Springer LNCS (2003), Springer-Verlag, pp. 62--76.Google ScholarCross Ref
- Vaudenay, S. Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS. In Proceedings of In Advances in Cryptology - EUROCRYPT'02 (2002), Springer-Verlag, pp. 534--546. Google ScholarDigital Library
- VMWare. Understanding Memory Resource Management in VMware vSphere 5.0. http://www.vmware.com/files/pdf/mem_mgmt_perf_vsphere5.pdf.Google Scholar
- Waldspurger, C. A. Memory resource management in VMware ESX server. ACM SIGOPS Operating Systems Review 36, SI (2002), 181--194. Google ScholarDigital Library
- Yarom, Y., and Falkner, K. Flush+reload: A high resolution, low noise, L3 cache side-channel attack. In 23rd USENIX Security Symposium (USENIX Security 14) (San Diego, CA, Aug. 2014), USENIX Association, pp. 719--732. Google ScholarDigital Library
- Zhang, Y., Juels, A., Reiter, M. K., and Ristenpart, T. Cross-VM side channels and their use to extract private keys. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (New York, NY, USA, 2012), CCS '12, ACM, pp. 305--316. Google ScholarDigital Library
Index Terms
- Lucky 13 Strikes Back
Recommendations
Pseudo Constant Time Implementations of TLS Are Only Pseudo Secure
CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications SecurityToday, about 10% of TLS connections are still using CBC-mode cipher suites, despite a long history of attacks and the availability of better options (e.g. AES-GCM). In this work, we present three new types of attack against four popular fully patched ...
Fine Grain Cross-VM Attacks on Xen and VMware
BDCLOUD '14: Proceedings of the 2014 IEEE Fourth International Conference on Big Data and Cloud ComputingThis work exposes vulnerabilities in virtualized cloud servers by mounting Cross-VM cache attacks in Xen and VMware VMs. We show for the first time that AES implementations in a number popular cryptographic libraries including Open SSL, Polar SSL and ...
Lucky Microseconds: A Timing Attack on Amazon's s2n Implementation of TLS
Proceedings, Part I, of the 35th Annual International Conference on Advances in Cryptology --- EUROCRYPT 2016 - Volume 9665s2n is an implementation of the TLS protocol that was released in late June 2015 by Amazon. It is implemented in around 6,000 lines of C99 code. By comparison, OpenSSL needs around 70,000 lines of code to implement the protocol. At the time of its ...
Comments