Storing your secret keys in the Amazon cloud may not be such a good idea, according to researchers, attackers using Amazon’s EC2 platform have the ability to steal other users cryptographic keys.
The most recent proof-of-concept attack is of significance due to Amazon among other cloud hosting providers already blocking another key-recovery attack that was disclosed in 2009. The paper on the attack (PDF) was the first to bring up the security issues of using the same piece of physical hardware. Cloud providers and cryptographers worked together to patch a number of the vulnerabilities making the attack feasible. As a result, none of the previous attack methods are active and working.
A new team of researchers have constructed a new method for full private key recovery when using even the latest implementation of the RSA crypto system. Similar to the 2009 research, the new method implements a CPU cache attack across two Amazon accounts that happened to be located on the same physical chip or chipset. Security researchers executed their technique where they recovered the entire 2048-bit RSA key from the two separate Amazon accounts they operated. Researchers latest technique works by probing the last level cache (LLC) of the Intel Xeon processor chipsets utilized by Amazon servers.
In their recently published paper (PDF), researchers wrote:
“This work presents a full key recovery attack on a modern implementation of RSA in a commercial cloud and explores all steps necessary to perform such an attack. In particular, the work first revisits the co-location problem. Our experiments show that the co-location techniques presented in  have been addressed by AWS and no longer are a significant indicator for co-location. In addition, we present new techniques that show that co-location is still detectable in 2015 by using other shared resources such as LLCs. Once co-located, we exploit the LLC to recover the secret key of a modern sliding-window exponentiation based implementation of RSA, across cores and without relying on deduplication. We expand beyond the techniques presented in [two papers published earlier this year]and show that a detailed study of the LLC structure of the targeted processor yields a much more efficient attack. In particular, we reverse engineer the LLC non-linear slice selection algorithm of Intel Xeon E5- 2670 v2 chipset, which is dominant on Amazon EC2. Finally, we present several techniques necessary for a cache attack to succeed in a public cloud. Most notably, we present methods to filter noise from the observed leakage at two levels: (i) by using an alignment filter to reduce temporal noise introduced by co-residing processes and the OS, (ii) by rejecting false detections using a threshold technique on the aligned traces. Finally we present an error correction algorithm that exploits dependencies between the public key and the observed private key to remove remaining errors and to recover error free RSA keys.”
The attack is quite high-tech and relies on side channel analysis, which enables attackers to extract a secret decryption key based on clues leaked by the electromagnetic emanations, data caches or other points of the targeted system. The exploit came from a table lookup in Libgcrypt/gnupgp crypto library, which has since been patched. Presumably other crypto apps and libraries are vulnerable to the same weakness Libcrypt is, making the attack remain an imminent threat. The attack requires professional execution and attackers must be running on the same physical piece of hardware as their target, making the attack unlikely to succeed in the future.
Still, the latest methods should be taken as a serious threat to security professionals and those who have to rely on government-mandated cryptography efforts or privacy laws. The group of researchers presented several methods for preventing the attack, mainly by deploying stronger isolation on public cloud servers.