:
Skip Navigation
Resources Blog Virtual Machine Used To Steal Crypto Keys From Other VM On ...

Virtual Machine Used To Steal Crypto Keys From Other VM On Same Server

Ars Technica – (International) Virtual machine used to steal crypto keys from other VM on same server. Piercing a key defense found in cloud environments such as Amazon's EC2 service, scientists devised a virtual machine that can extract private cryptographic keys stored on a separate virtual machine when it resides on the same piece of hardware. The technique, unveiled in a research paper published by computer scientists from the University of North Carolina, the University of Wisconsin, and RSA Laboratories, took several hours to recover the private key for a 4096-bit ElGamal-generated public key using the libgcrypt v.1.5.0 cryptographic library. The attack relied on "side-channel analysis," in which attackers crack a private key by studying the electromagnetic emanations, data caches, or other manifestations of the targeted cryptographic system.

Source: http://arstechnica.com/security/2012/11/crypto-keys-stolen-from-virtual-machine/

Picture of Ali Loney

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.