Ecole d'ingénieur et centre de recherche en Sciences du numérique

Confidentiality issues on a GPU in a virtualized environment

Maurice, Clémentine; Neumann, Christoph; Heen, Olivier; Francillon, Aurélien

FC 2014, 18th International Conference on Financial Cryptography and Data Security, 3-7 March 2014, Barbados

General-Purpose computing on Graphics Processing Units (GPGPU) combined to cloud computing is already a commercial success. However, there is little literature that investigates its security implications. Our objective is to highlight possible information leakage due to GPUs in virtualized and cloud computing environments. We provide insight into the different GPU virtualization techniques, along with their security implications. We systematically experiment and analyze the behavior of GPU global memory in the case of direct device assignment. We find that the GPU global memory is zeroed only in some configurations. In those configurations, it happens as a side effect of Error Correction Codes (ECC) and not for security reasons. As a consequence, an adversary can recover data of a previously executed GPGPU application in a variety of situations. These situations include setups where the adversary launches a virtual machine after the victim's virtual machine using the same GPU, thus bypassing the isolation mechanisms of virtualization. Memory cleaning is not implemented by the GPU card itself and we cannot generally exclude the existence of data leakage in cloud computing environments. We finally discuss possible countermeasures for current GPU clouds users and providers.

Document Doi Bibtex

Titre:Confidentiality issues on a GPU in a virtualized environment
Mots Clés:GPU, Security, Cloud Computing, Information Leakage
Type:Conférence
Langue:English
Ville:Barbados
Pays:BARBADE
Date:
Département:Sécurité numérique
Eurecom ref:4205
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in FC 2014, 18th International Conference on Financial Cryptography and Data Security, 3-7 March 2014, Barbados and is available at : http://dx.doi.org/10.1007/978-3-662-45472-5_9
Bibtex: @inproceedings{EURECOM+4205, doi = {http://dx.doi.org/10.1007/978-3-662-45472-5_9}, year = {2014}, title = {{C}onfidentiality issues on a {GPU} in a virtualized environment}, author = {{M}aurice, {C}l{\'e}mentine and {N}eumann, {C}hristoph and {H}een, {O}livier and {F}rancillon, {A}ur{\'e}lien}, booktitle = {{FC} 2014, 18th {I}nternational {C}onference on {F}inancial {C}ryptography and {D}ata {S}ecurity, 3-7 {M}arch 2014, {B}arbados}, address = {{B}arbados, {BARBADE}}, month = {03}, url = {http://www.eurecom.fr/publication/4205} }
Voir aussi: