Cross-VM Side Channels and Their Use to Extract Private Keys

Werner Koch wk at gnupg.org
Mon Nov 12 13:03:04 CET 2012


On Fri,  9 Nov 2012 21:33, casey.marshall at gmail.com said:

> I understand GnuPG is not recommended for local multi-user
> deployments, but for better or worse, an increasing number of
> applications are being hosted in virtualized environments.

Here is a reply to a similar question:

  > My understanding is you should do your encryption in your own computer,
  > not in a virtual machine on someone else's computer.  If so, maybe
  > what we need to do is explain this to the public more.
  
  That is also my opinion.  If an attacker has access to your account or
  the hardware in any way (even only through virtualization), we have a
  "game over" condition.  Sure it would be possible to work around some
  problems.  Actually we use RSA blinding to mitigate threats which are
  based on a remote attacker (on the same LAN).  In that case a
  workaround makes sense.  The described attack is IMHO not a real world
  attack - if they are able to force actions on another virtual machine
  (running gpg in a loop for signing or encryption), they would have
  easier means to get at the private key.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list