[Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack"
Bill Frantz
frantz at pwpconsult.com
Sat Sep 3 15:09:59 EDT 2016
On 9/2/16 at 7:56 AM, leichter at lrw.com (Jerry Leichter) wrote:
>Yes, this attack does show that hardware that's vulnerable to
>this attack simply cannot be trusted to run the software you
>think it's supposed to be running.
Jerry hits the nail on the head here. The bug is unreliable
hardware. Rowhammer raises the probability of this bug
occurring, but it could occur without an attack. So the short
answer is, "Fix the hardware." Any other fix is a bandaid.
There are a couple of hardware fixes mentioned in the paper.
DDR4 chips apparently refresh more often in areas that are
frequently hit, which might be enough. Otherwise, ECC checked
memory has been around for a long time, since the days of the
IBM 370 at least. ECC can be set up to correct n bit errors and
detect m bit errors where m>n. Getting more protection requires
more bits to store the ECC check code, but memory is cheap. The
good news is that you can probably figure out how to use the old
memory chips/boards, which will lower the cost. The bad news is
that the problem could be in the cache memory on the CPU chips,
which would require new CPU chips. (Intel smiles.)
So the question is, what values do we need for n and m in a
system under attack?
While I'm asking questions, I'll echo Jerry in asking about ECC
key vulnerability?
In the real world, if the probability of failure without attack
is at all significant, fixed hardware could be a marketing point
for a cloud provider, even without the attack. "Our systems get
the right answer more often than our competitor's systems." Even
if the probability is too small to worry about, protection
against this attack would be an attractive marketing pitch.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Privacy is dead, get over | Periwinkle
(408)356-8506 | it. | 16345
Englewood Ave
www.pwpconsult.com | - Scott McNealy | Los Gatos,
CA 95032
More information about the cryptography
mailing list