[Cryptography] Determining TLS session keys from the hypervisor

Howard Chu hyc at symas.com
Mon Jun 13 19:58:18 EDT 2016

Jerry Leichter wrote:
>> Defenses are not clear.
>> Actually I would have thought the defence was pretty trivial: Don't run your
>> sensitive crypto on hardware controlled by an attacker.  On the one hand the
>> work they've done is pretty neat, but the overall result is a "well, duh".
> Well, sure ... but the fact is that a large and probably growing
> percentage
of Web servers *are* running "in the Cloud" - i.e., on hardware controlled by
someone else. The economics are likely to push ever more stuff "out there".
> Now, you can argue that Amazon or Microsoft or Google - or the smaller
providers of virtual hosting - are not going to attack you; and *in general*,
that's probably true. But they may well be forced to by government order -
without telling you. And when it comes to the smaller providers - just how
much should you trust them?

Doesn't really matter how large or reputable the hosting provider is. All it 
takes is 1 employee to go rogue. This has been the pattern at the majority of 
Bitcoin exchange heists.

I don't know of many services that are run entirely within their own private 
data centers. Most web sites are VPSs or just web virtual hosts.
> It's also worth keeping in mind that bugs allowing attackers to escape
> from
their guest OS instances and gain access to the hypervisor have occurred. So
even if you trust your provider, you do have *some* level of exposure to your
"running mates" on the host you share.
> As will all (properly analyzed) security issues, it's about costs and
> risks.
By moving out to a Cloud instance, you're generally saving money and you're
mitigating many practical risks - the big data centers are much less
vulnerable to power outages, fires, and all kinds of similar events than you
would likely be able to afford. This paper shows that you're not quite as
secure within your VM as you might think. You now have to go make the
tradeoffs for yourself.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

More information about the cryptography mailing list