In cloud computing, efficiencies are reaped by resource shar-
ing such as co-location of computation and deduplication of data. This
work exploits resource sharing in virtualization software to build a pow-
erful cache-based attack on AES. We demonstrate the vulnerability by
mounting Cross-VM Flush+Reload cache attacks in VMware VMs to
recover the keys of an AES implementation of OpenSSL 1.0.1 running
inside the victim VM. Furthermore, the attack works in a realistic setting
where different VMs are located on separate cores. The modified
flush+reload attack we present, takes only in the order of seconds to min-
utes to succeed in a cross-VM setting. Therefore long term co-location, as
required by other fine grain attacks in the literature, are not needed. The
results of this study show that there is a great security risk to OpenSSL
AES implementation running on VMware cloud services when the dedu-
plication is not disabled
more here..........http://eprint.iacr.org/2014/435.pdf
ing such as co-location of computation and deduplication of data. This
work exploits resource sharing in virtualization software to build a pow-
erful cache-based attack on AES. We demonstrate the vulnerability by
mounting Cross-VM Flush+Reload cache attacks in VMware VMs to
recover the keys of an AES implementation of OpenSSL 1.0.1 running
inside the victim VM. Furthermore, the attack works in a realistic setting
where different VMs are located on separate cores. The modified
flush+reload attack we present, takes only in the order of seconds to min-
utes to succeed in a cross-VM setting. Therefore long term co-location, as
required by other fine grain attacks in the literature, are not needed. The
results of this study show that there is a great security risk to OpenSSL
AES implementation running on VMware cloud services when the dedu-
plication is not disabled
more here..........http://eprint.iacr.org/2014/435.pdf