DARPA has announced a $3.6 million grant to a University of Michigan team with the goal of building an “unhackable” processor. Software-based security has proven incapable of meeting this goal, and while hardware models like Intel’s IME or ARM’s TrustZone have had better luck overall, these systems can be affected by major bugs themselves and don’t protect the entire contents of the microprocessor.
Todd Austin, leader of the Morpheus project at UM, likens his team’s design to a giant Rubik’s Cube. His architecture focuses on moving data stored within the chip to various randomized locations while also constantly re-encrypting stored passwords. Even if a hacker managed to find a memory block with a password in it that was vulnerable to decryption, the data won’t be there by the time the password-cracker finishes its work. Even modern GPUs, which are staggeringly good at password decryption, require time to work.
“We are making the computer an unsolvable puzzle,” Austin said. “It’s like if you’re solving a Rubik’s Cube and every time you blink, I rearrange it. What’s incredibly exciting about the project is that it will fix tomorrow’s vulnerabilities. I’ve never known any security system that could be future proof.”
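The relocate-and-re-encrypt idea can be sketched as a software toy model. This is an added example, not Morpheus code or anything from the Michigan team: the `ChurningStore` class, the tick-based timing, the hash-based XOR cipher, and the assumption that an attacker leaks both the address and the key are all constructed for illustration.

```python
import hashlib
import secrets

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy cipher (not for real use): XOR with SHA-256(key || offset) blocks."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class ChurningStore:
    """One secret in a slot array; churn() relocates and re-encrypts it."""
    def __init__(self, secret: bytes, slots: int = 1024):
        self.slots = [None] * slots
        self._addr = None
        self._place(secret)

    def _place(self, secret: bytes) -> None:
        if self._addr is not None:
            self.slots[self._addr] = None          # old location is vacated
        self._addr = secrets.randbelow(len(self.slots))
        self._key = secrets.token_bytes(32)        # fresh key on every placement
        self.slots[self._addr] = xor_stream(self._key, secret)

    def read(self) -> bytes:                       # legitimate access path
        return xor_stream(self._key, self.slots[self._addr])

    def churn(self) -> None:
        self._place(self.read())

    def leak(self):
        """Assumed attacker capability: learns the current address and key."""
        return self._addr, self._key

def replay(store: ChurningStore, leaked):
    """Apply a previously leaked (address, key) pair to the store as it is now."""
    addr, key = leaked
    cell = store.slots[addr]
    return None if cell is None else xor_stream(key, cell)

def attack_succeeds(secret: bytes, crack_ticks: int, churn_period: int) -> bool:
    """Leak at tick 0, spend crack_ticks on offline work, then replay."""
    store = ChurningStore(secret)
    leaked = store.leak()
    for tick in range(1, crack_ticks + 1):
        if tick % churn_period == 0:
            store.churn()
    assert store.read() == secret                  # the owner is never locked out
    return replay(store, leaked) == secret
```

The leaked pair is only useful while the attacker's work finishes inside one churn period; the model says nothing about the performance cost of churning, which is the open question for real hardware.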
What the Michigan team is describing would be an incredibly useful set of capabilities — if it can be made to work. We’ve seen exploits before, like Rowhammer, that function precisely by targeting a given area of memory and hammering adjacent rows with repeated accesses in an attempt to flip bits within the target row (hence the name). Zero-day exploits are a common and potentially devastating problem. And frankly, it’s simply downright tiresome to be forever chasing down security bulletins and updating various applications. A chip that could juggle its memory addresses and keep data safely encrypted could be useful in a wide range of security applications.
What’s less clear is how easily the technology could be integrated into modern processors or what impact these rapid-fire data shifts would have on functionality. The DARPA SSITH project (System Security Integrated Through Hardware and Firmware) specifically states that “The strategic challenge for participants in the SSITH program will be to develop new integrated circuit (IC) architectures that lack the current software-accessible points of illicit entry, yet retain the computational functions and high-performance the ICs were designed to deliver.”
DARPA’s goal is to fund initial development on a processor design capable of preventing one or more of seven security flaws: permission and privilege escalations, buffer errors, resource management, information leakage, numeric errors, crypto errors, and code injection. These seven types of attacks supposedly comprise a whopping 40 percent of all attack types; cutting even one or two of them out could significantly reduce security issues in the military and consumer world.