[Cryptography] Determining TLS session keys from the hypervisor

Michael Kjörling michael at kjorling.se
Mon Jun 13 06:45:06 EDT 2016

On 12 Jun 2016 06:34 -0400, from leichter at lrw.com (Jerry Leichter):
> Very elegant and powerful attack in which code running in a
> hypervisor can extract the keying material for any TLS session a
> guest establishes. The basic ideas:

One thing I was thinking about when hearing about this attack is SSH.
It seems to me that the same kind of attack could apply to virtually
every kind of key negotiation similar to TLS, and SSH certainly would
seem to fall into that family. What's more, taking over a SSH session
seems more likely to be able to get a toehold into a system because of
how often SSH is used for remote administration.

I guess it's the old adage again: if an untrusted party has
unrestricted physical access, then it's not possible to fully secure
the system.

Michael Kjörling • https://michael.kjorling.semichael at kjorling.se
                 “People who think they know everything really annoy
                 those of us who know we don’t.” (Bjarne Stroustrup)

More information about the cryptography mailing list