[Cryptography] How to make rowhammer less likely

[Guus Sliepen]

On Wed, Jun 13, 2018 at 07:20:24PM -0700, Ryan Carboni wrote:

> AES CTR is used for encryption. Now, 8-bit bytes are used so that does
> limit what one can do, but if in addition a unique 8-bit involution was
> used to encrypt the data in each memory page, in order to successfully
> rowhammer bits, it would require obtaining the full codebook for the target
> data.

You don't need to know what is in RAM or what it will be changed to for
rowhammer to result in a viable exploit. For example, one of the
exploits changed page table entries such that memory that was previously
marked as inaccessible to an unprivileged user was made accessible. As
long as you only need to toggle a few bits, no amount of encryption will
help you.

The only proper protection, apart from designing your RAM chips so that
row hammer has no effect on the contents of the actual memory cells, is
to cryptographically authenticate the contents of the RAM. However, if
you detect tampering, what can you possibly do? The system is
compromised, the only thing you can do is halt or reboot, which is not
desirable.

Apart from that, there is a huge cost involved in
encrypting/authenticating RAM at full speed. If you look at a Core
i7-8700K for example, it can do AES encryption at speeds of around 11
GB/s. It probably uses a large fraction of its TDP to achieve that (say
~50 Watt). However, according to the specs it has a memory bandwidth of
41.6 GB/s. So you'd need almost 200 Watt to do just the AES encryption
for the memory. It is much simpler and cheaper to just increase the RAM
refresh rate, use ECC, and monitor performance counters to detect
excessive cache flushes generated by a single program.

-- 
Met vriendelijke groet / with kind regards,
      Guus Sliepen <guus at sliepen.org>