Cache based Side Channel Attack on AES in Cloud Computing Environment

Abstract

As Cloud services become more pervasive, works in the recent past have uncovered vulnerabilities unique to such systems. The use of virtualization to isolate computational tasks from ones carried out by adversaries that co-reside with it is growing rapidly. This trend has been precipitated by the failure of today's operating systems to provide adequate isolation due to the growth of cloud facilities. Unlike mainstream computing, the infrastructure supporting a Cloud environment allows mutually distrusting customers to simultaneously access an underlying cache thus promoting a risk of information leakage across virtual machines via side channels. This paper attempts to set up a private cloud environment, demonstrates a cache based side channel attack and explores solutions to counterattack the same. An intense cache access pattern analysis is carried out, thus gathering information about the table lookup indices during one AES encryption to finally recover 128-bit full AES key.