Chip Puzzle: an unbreakable processor will be developed for DARPA
At the beginning of this year, information about Meltdown and Specter processor vulnerabilities was the first loud topic of cybersecurity in 2018. The vulnerability of the cache of software commands from Intel, AMD and Arm, released over the past 20 years, led to a whole pleiad of litigation and is still being discussed in the media. According to the Office of Advanced Research Projects of the US Department of Defense (DARPA), 40% of all software exploits can be avoided if you eliminate the shortcomings of the hardware.
Therefore, the Directorate thought about developing an unbreakable processor that would make exploits impossible. The chip creation team was awarded to a team from the University of Michigan. In the article we will analyze what is already known about the processor.
/ Flickr / jin / cc
')
The MORPHEUS project is one of the initiatives implemented under the DARPA grants under the SSITH program, which aims to eliminate hardware vulnerabilities. The concept of an unbreakable processor is based on an approach that involves not responding to already known attacks (“ patch and pray ”), but building a universal system that can cope with any threats.
Todd Austin, a computer science professor who takes part in the work on MORPHEUS, compared the hacking of a future chip to an attempt to assemble a Rubik's cube, the edges of which turn every time when a person blinks.
In order for an attacker to gain access to the system, he first needs to find a software bug (what was the error in the program instruction cache). After that, it remains to determine where the valuable data is stored and to “pick up” it. Thanks to the MORPHEUS processor architecture, the detection of the “location” of the vulnerability and data becomes impossible. Even if the attacker finds an error and tries to use it, the vulnerability and valuable information "will change its location" randomly. In case the attacker is fast enough, there is a second level of protection in the form of encryption and domain enforcement policies that will guarantee additional obstacles.
/ Pxhere / CC
Such an approach can protect both hardware and software, and solve the “ zero-day vulnerability ” problem, that is, protect computers from future threats that have not yet emerged.
The ExtremeTech editor in conversation about the Rubik's Cube chip recalls the Rowhammer exploit . The hacker could start a program that repeatedly addressed specific rows in the memory, as if “tapping them with a hammer,” until electromagnetic radiation penetrates into the next section of memory and changes the value of individual bits.
As a result of such an attack, the attacker could increase his access rights in the system. For example, in the image below, an attack may be conducted on either the purple line to “flip” the yellow bits, or to the yellow lines to “flip” the purple bits.
/ Wikimedia / Dsimic / CC
But a chip that can change memory addresses and store data in encrypted form is not afraid of such a “matching method”. According to Austin, protection systems like MORPHEUS have not yet been implemented, since they are too expensive to make in the form of software. Scientists from Michigan are hoping that DARPA support will allow them to create protection at the hardware level, which will not be expensive. However, it is not yet clear what resources will be needed to integrate technology into modern processors.
At the end of last year, it also became known that a similar solution was being created in South Korea to protect the system. It is based on the “ physically non-clonable function ” (PUF) method - this is a function that is implemented in a physical structure and is easy to evaluate, but difficult to fake. In Korean development, nanoelectromechanical systems are used, consisting of a silicon nanowire, which is suspended in the fluid between two gates - one and zero. During fabrication of the PUF, the fluid in which the nanowire floats is evaporated, and the wire randomly “sticks” to one of the gates. As a result, a security code is generated that cannot be picked up "from the outside."
Another one prototype of the system with "physical passwords" is working in Abu Dhabi. According to Ozgur Sinanoglu (Ozgur Sinanoglu), deputy dean for engineering at New York University Abu Dhabi, their chip is a solution with a burglary-lock system integrated into the hardware. Special technology locks hardware and opens access to the capabilities of the chip only to those who know the secret key. Until then, the purpose of the chip remains unknown.
Therefore, the Directorate thought about developing an unbreakable processor that would make exploits impossible. The chip creation team was awarded to a team from the University of Michigan. In the article we will analyze what is already known about the processor.
/ Flickr / jin / cc
')
How does the chip work
The MORPHEUS project is one of the initiatives implemented under the DARPA grants under the SSITH program, which aims to eliminate hardware vulnerabilities. The concept of an unbreakable processor is based on an approach that involves not responding to already known attacks (“ patch and pray ”), but building a universal system that can cope with any threats.
Todd Austin, a computer science professor who takes part in the work on MORPHEUS, compared the hacking of a future chip to an attempt to assemble a Rubik's cube, the edges of which turn every time when a person blinks.
In order for an attacker to gain access to the system, he first needs to find a software bug (what was the error in the program instruction cache). After that, it remains to determine where the valuable data is stored and to “pick up” it. Thanks to the MORPHEUS processor architecture, the detection of the “location” of the vulnerability and data becomes impossible. Even if the attacker finds an error and tries to use it, the vulnerability and valuable information "will change its location" randomly. In case the attacker is fast enough, there is a second level of protection in the form of encryption and domain enforcement policies that will guarantee additional obstacles.
/ Pxhere / CC
Such an approach can protect both hardware and software, and solve the “ zero-day vulnerability ” problem, that is, protect computers from future threats that have not yet emerged.
The ExtremeTech editor in conversation about the Rubik's Cube chip recalls the Rowhammer exploit . The hacker could start a program that repeatedly addressed specific rows in the memory, as if “tapping them with a hammer,” until electromagnetic radiation penetrates into the next section of memory and changes the value of individual bits.
As a result of such an attack, the attacker could increase his access rights in the system. For example, in the image below, an attack may be conducted on either the purple line to “flip” the yellow bits, or to the yellow lines to “flip” the purple bits.
/ Wikimedia / Dsimic / CC
But a chip that can change memory addresses and store data in encrypted form is not afraid of such a “matching method”. According to Austin, protection systems like MORPHEUS have not yet been implemented, since they are too expensive to make in the form of software. Scientists from Michigan are hoping that DARPA support will allow them to create protection at the hardware level, which will not be expensive. However, it is not yet clear what resources will be needed to integrate technology into modern processors.
Other developments
At the end of last year, it also became known that a similar solution was being created in South Korea to protect the system. It is based on the “ physically non-clonable function ” (PUF) method - this is a function that is implemented in a physical structure and is easy to evaluate, but difficult to fake. In Korean development, nanoelectromechanical systems are used, consisting of a silicon nanowire, which is suspended in the fluid between two gates - one and zero. During fabrication of the PUF, the fluid in which the nanowire floats is evaporated, and the wire randomly “sticks” to one of the gates. As a result, a security code is generated that cannot be picked up "from the outside."
Another one prototype of the system with "physical passwords" is working in Abu Dhabi. According to Ozgur Sinanoglu (Ozgur Sinanoglu), deputy dean for engineering at New York University Abu Dhabi, their chip is a solution with a burglary-lock system integrated into the hardware. Special technology locks hardware and opens access to the capabilities of the chip only to those who know the secret key. Until then, the purpose of the chip remains unknown.
A few more materials about information security from the 1cloud blog:
Source: https://habr.com/ru/post/350834/
All Articles