Rambus Blog, Oct. 14, 2015 –
A Worcester Polytechnic Institute research team has confirmed that it managed to successfully extract cryptographic keys from the Cloud. According to a recently published paper, the team built upon previous work by Ristenpart, who demonstrated the viability of co-location and provided the first concrete evidence of sensitive information leakage on a commercial cloud.
"We show that co-location can be achieved and detected by monitoring the last level cache in public clouds," the Worcester team explained in an article extract. "More significantly, we present a full-fledged attack that exploits subtle leakages to recover RSA decryption keys from a collocated instance."