Stay updated on the latest news from
the makers of Nexus
Virtual Machine Used To Steal Crypto Keys From Other VM On Same Server
by Ali Loney on November 06, 2012

Tags: News, security, AppSec Spotlight

Ars Technica – (International) Virtual machine used to steal crypto keys from other VM on same server. Piercing a key defense found in cloud environments such as Amazon's EC2 service, scientists devised a virtual machine that can extract private cryptographic keys stored on a separate virtual machine when it resides on the same piece of hardware. The technique, unveiled in a research paper published by computer scientists from the University of North Carolina, the University of Wisconsin, and RSA Laboratories, took several hours to recover the private key for a 4096-bit ElGamal-generated public key using the libgcrypt v.1.5.0 cryptographic library. The attack relied on "side-channel analysis," in which attackers crack a private key by studying the electromagnetic emanations, data caches, or other manifestations of the targeted cryptographic system.


Recent Posts

Posts by Topic

see all

Get Blog Updates