[Cryptography] How to make rowhammer less likely
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Tue Jun 19 02:13:02 EDT 2018
Guus Sliepen <guus at sliepen.org> writes:
>The only proper protection, apart from designing your RAM chips so that row
>hammer has no effect on the contents of the actual memory cells, is to
>cryptographically authenticate the contents of the RAM. However, if you
>detect tampering, what can you possibly do? The system is compromised, the
>only thing you can do is halt or reboot, which is not desirable.
Another problem that encrypting or MAC'ing RAM does is that it turns an often
safely-ignored single-bit flip into a much harder to ignore 128-bit flip or
fatal MAC failure. Most PCs run just fine with the occasional bit flip, but
they'll run a lot less fine when every one is amplified by two orders of
magnitude.
Peter.
More information about the cryptography
mailing list