[Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack"

Florian Weimer fw at deneb.enyo.de
Fri Sep 2 01:52:42 EDT 2016


* Jerry Leichter:

> "We introduce Flip Feng Shui (FFS), a new exploitation vector which
> allows an attacker to induce bit flips over arbitrary physical memory
> in a fully controlled way. FFS relies on hardware bugs to induce bit
> flips over memory and on the ability to surgically control the
> physical memory layout to corrupt attacker-targeted data anywhere in
> the software stack.... Memory deduplication allows an attacker to
> reverse-map any physical page into a virtual page she owns as long as
> the page’s contents are known. Rowhammer, in turn, allows an attacker
> to flip bits in controlled (initially unknown) locations in the target
> page.
>
> We show FFS is extremely powerful: a malicious VM in a practical cloud
> setting can gain unauthorized access to a co-hosted victim VM running
> OpenSSH. Using FFS, we exemplify end-to-end attacks breaking OpenSSH
> public-key authentication, and forging GPG signatures from trusted
> keys, thereby compromising the Ubuntu/Debian update mechanism."
>
> https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf

Why bother with patching public keys, making them amenable to
factorization, if you can patch executable code instead?

If you can target executable code (and I see why not, it's all the
same to KSM), it is very clear that there cannot be a software-only
defense.  (The authors try to frame this as a software problem which
needs fixes in GnuPG etc.)
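To make the "amenable to factorization" point concrete, here is a small added illustration (not code from the thread, the paper, or any of the projects named): with a constructed toy RSA modulus N = p*q, a single flipped bit almost always yields a number with a small prime factor, which is why a defender must verify a loaded key against a trusted fingerprint rather than assume memory contents stay intact. The primes, fingerprint function and bound are all assumptions of this example.

```python
from hashlib import sha256

# Constructed toy key: two well-known 30-bit primes (far too small for real use).
P = 1000000007
Q = 998244353
N = P * Q                      # 60-bit modulus, no factor below 2**16


def small_factor(n, bound=1 << 16):
    """Smallest prime factor of n below `bound`, or None (trial division)."""
    if n % 2 == 0:
        return 2
    f = 3
    while f < bound and f * f <= n:
        if n % f == 0:
            return f
        f += 2
    return None


def flipped_moduli(n, bits):
    """Yield (bit, n with that single bit flipped) for every position."""
    for b in range(bits):
        yield b, n ^ (1 << b)


def weakened_fraction(n, bits, bound=1 << 16):
    """Fraction of single-bit flips of n that produce a modulus with a factor
    below `bound`.  Real attacks use heavier factoring (ECM, etc.), so this
    trial-division proxy understates how many flips are exploitable."""
    weak = sum(1 for _, m in flipped_moduli(n, bits)
               if small_factor(m, bound) is not None)
    return weak / bits


def fingerprint(n):
    """Assumed fingerprint: SHA-256 over the big-endian modulus bytes."""
    return sha256(n.to_bytes((n.bit_length() + 7) // 8, "big")).hexdigest()


# The trusted fingerprint would normally come from out-of-band storage.
TRUSTED_FP = fingerprint(N)


def key_intact(n_loaded, trusted_fp=TRUSTED_FP):
    """Defender check: refuse a modulus whose fingerprint no longer matches."""
    return fingerprint(n_loaded) == trusted_fp


if __name__ == "__main__":
    print("original modulus has small factor:", small_factor(N))
    print("fraction of 1-bit flips with a small factor:",
          round(weakened_fraction(N, N.bit_length()), 2))
    print("flipped key passes integrity check:", key_intact(N ^ (1 << 17)))
```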