AWS customer crypto keys exposed in new vulnerability
Fri 2 Oct 2015
Amazon has patched a vulnerability in its cloud storage platform [PDF], after researchers discovered a flaw which could have allowed attackers to steal customer RSA keys.
The study revealed that a sophisticated CPU cache attack against an Amazon Elastic Compute Cloud (EC2) instance, could have given a hacker complete access to a 2048-bit RSA key used in a separate instance.
The research team, based at Worcester Polytechnic Institute, Massachusetts, notified Amazon Web Services’ (AWS) security division of the vulnerability in June and described their work in a paper titled: ‘Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud.’
They describe targeting the recently patched Libgcrypt RSA implementation, through Cross-VM Prime and Probe cache attacks to detect co-location. ‘After co-location is detected and verified, we perform the Prime and Probe attack to recover noisy keys from a carefully monitored Amazon EC2 VM running the aforementioned vulnerable Libgcrypt library. We subsequently process the noisy data and obtain the complete 2048-bit RSA key used during encryption,’ reads the report.
The researchers point to the ‘full-fledged attack’ as a reminder to the industry of the need to deploy stronger techniques in public clouds to prevent vectors for both co-location detection and data theft.
Concluding their report, the researchers advise that cloud users have a responsibility to operate with the latest software updates, particularly when dealing with critical cryptographic information. They add that placement guidelines should be revised for public cloud applications and that smarter cache management policies are needed, for both hardware and software, to prevent future side-channel leakages and exploits.
AWS responded that any such attack would have required complex insider involvement, and would have been an “extremely rare” occurrence. The cloud services giant has reassured EC2 customers that those users running across current software and following cybersecurity best practice will not have been affected by this scenario.