New cloud attack takes full control of virtual machines with little effort

The world has seen the most unsettling attack yet resulting from the so-called Rowhammer exploit, which flips individual bits in computer memory. It's a technique that's so surgical and controlled that it allows one machine to effectively steal the cryptographic keys of another machine hosted in the same cloud environment.

Until now, Rowhammer has been a somewhat clumsy and unpredictable attack tool because it was hard to control exactly where data-corrupting bit flips happened. While previous research demonstrated that it could be used to elevate user privileges and break security sandboxes, most people studying Rowhammer said there was little immediate danger of it being exploited maliciously to hijack the security of computers that use vulnerable chips. The odds of crucial data being stored in a susceptible memory location made such hacks largely a matter of chance that was stacked against the attacker. In effect, Rowhammer was more a glitch than an exploit.

Now, computer scientists have developed a significantly more refined Rowhammer technique they call Flip Feng Shui. It manipulates deduplication operations that many cloud hosts use to save memory resources by sharing identical chunks of data used by two or more virtual machines. Just as traditional Feng Shui aims to create alignment or harmony in a home or office, Flip Feng Shui can massage physical memory in a way that causes crypto keys and other sensitive data to be stored in locations known to be susceptible to Rowhammer.

“Surprisingly practical and effective”

"Prior work has demonstrated that co-hosted VMs can spy on each other to a certain extent (e.g. cryptographic keys can be leaked), but this attack is fundamentally more damaging and the first of its kind," Ben Gras, one of the Vrije Universiteit Amsterdam researchers who devised the technique, told Ars. "We can reliably corrupt the memory of a target VM in a highly precise and controlled way. Scientifically, this is our contribution—we show for the first time it is possible to effect this seemingly random corruption on data anywhere in the software stack in a highly precise and controlled way."

The research team, which also included a member from Belgium's Katholieke Universiteit Leuven, went on to show how an attacker VM can use Flip Feng Shui to compromise RSA cryptography keys stored on another VM hosted in the same cloud environment. In one experiment, the attacker VM compromised the key used to authenticate secure shell access, a feat that allowed the VM to gain unauthorized access to the target. In a separate experiment, the attacker VM compromised the GPG key used by developers of the Ubuntu operating system to verify the authenticity of updates. With the compromised GPG key, the attacker VM was able to force the target to download and install a malicious update.

The key compromises work by obtaining the target's public key in advance, a requirement that's generally not a problem because public keys don't reveal the secrets contained in their corresponding private key. The attacker VM then uses what the researchers call Deduplication Flip Feng Shui to induce a bit flip in a specific part of the public key. The flip, in turn, creates a new public key that's weak enough to be factored so that attackers can derive the corresponding private key. In other words, the Rowhammer attack tricks the target VM into accepting a new public key. And because the attackers know the corresponding private key, they gain unauthorized SSH access and can sign malicious Ubuntu updates.

"We find that, while [Deduplication Flip Feng Shui] is surprisingly practical and effective, existing cryptographic software is wholly unequipped to counter it, given that 'bit flipping is not part of their threat model,'" the researchers wrote in a recently published research paper titled "Flip Feng Shui: Hammering a Needle in the Software Stack."

"Our end-to-end attacks completely compromise widespread cryptographic primitives, allowing an attacker to gain full control over the victim VM," the researchers wrote.

The experiment attempted the bit flipping hack only against RSA keys, but Gras, the Vrije Universiteit Amsterdam researcher, said he expects it to work against keys or parameters based in the Digital Signature Algorithm, Diffie-Hellman, Elliptic Curve Cryptography, and Elliptic Curve Diffie-Hellman crypto systems as well. Such exploits would allow attackers not only to gain unauthorized access but also to eavesdrop on legitimate sessions. Flip Feng Shui was first presented three weeks ago at the 25th Usenix Security Symposium and will be featured again in November at the Black Hat security conference in London.

For the attacks to work, the cloud hosting the VMs must have deduplication enabled so that physical pages are shared between customers. The researchers relied on deduplication features available in the kernel-based Virtual Machine and Kernel SamePage Merging functions that are included in Linux, but the researchers believe the technique will work on other operating systems that also provide deduplication. And of course, the memory chips used by the host must be vulnerable to Rowhammer attacks, a requirement that's met by 110 out of 129 DDR3 models and eight out of 12 DDR4 varieties tested. Lastly, the prototype attack relied on a Linux setting known as transparent huge pages to make the attack simpler and faster, but the researchers said it would work even if the setting wasn't enabled.

The researchers have laid out a variety of hardware and software approaches that can help defend against Flip Feng Shui attacks. The hardware solutions included subjecting DRAM chips to extensive Rowhammer testing, relying on memory with error-correcting codes, and exploring a newer protection known as directed row refresh that's implemented in certain types of DDR4 chips. Software mitigations include disabling memory deduplication. Beyond that, developers and engineers should consider taking additional precautions, such as checking security-sensitive information for integrity immediately before it's used to make sure it hasn't been subjected to bit flips. The research paper lays out the defenses in much greater detail.

"Our attacks allow an attacker to completely compromise co-hosted cloud VMs with relatively little effort," the researchers warn at the conclusion of their paper. "Even more worryingly, we believe Flip Feng Shui can be used in several more forms and applications pervasively in the software stack, urging the systems security community to devote immediate attention to this emerging threat."

Post updated to correct the explanation of the key compromise in the sixth-to-last paragraph.