1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Researchers steal secret RSA encryption keys in Amazon’s cloud

Discussion in 'CSO' started by RSS, Oct 6, 2015.

  1. RSS

    RSS New Member Member

    As thousands of cloud fanatics descend on Las Vegas this week for Amazon Web Service’s re:Invent conference, researchers in Massachusetts are raising new questions about the security of all multi-tenant cloud environments.

    A group of professors at Worcester Polytechnic Institute demonstrated in a recently published paper named “Seriously, get off my cloud! Cross-VM RSA Key Recovery in a Public Cloud,” a proof of concept hack of secret cryptography keys used in an AWS virtual machine. The now-patched flaw – which was not specific to AWS -- showed that a hacker could theoretically gain a user’s secret keys that are used to encrypt sensitive data.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page