DARPA, University of Michigan Team Up to Build ‘Unhackable’ Chip

DARPA, University of Michigan Team Up to Build ‘Unhackable’ Chip

This site may earn affiliate commissions from the links on this page. Terms of use.

DARPA has announced a $3.6 million grant to a University of Michigan team with the goal of building an “unhackable” processor. Software-based security has proven incapable of meeting this goal, and while hardware models like Intel’s

Rowhammer targets either the single purple row to flip the yellow bits or can target both yellow rows to flip the purple bits.

What the Michigan team is describing would be an incredibly useful set of capabilities — if it can be made to work. We’ve seen exploits before, like Rowhammer, that function precisely by targeting a given area of memory and hammering adjacent rows with repeated accesses in an attempt to flip bits within the target row (hence the name). Zero-day exploits are a common and potentially devastating problem. And frankly, it’s simply downright tiresome to be forever chasing down security bulletins and updating various applications. A chip that could juggle its memory addresses and keep data safely encrypted could be useful in a wide range of security applications.

What’s less clear is how easily the technology could be integrated into modern processors or what impact these rapid-fire data shifts would have on functionality. The DARPA SSITH project (System Security Integrated Through Hardware and Firmware) specifically states that “The strategic challenge for participants in the SSITH program will be to develop new integrated circuit (IC) architectures that lack the current software-accessible points of illicit entry, yet retain the computational functions and high-performance the ICs were designed to deliver.”

DARPA’s goal is to fund initial development on a processor design capable of preventing one or more of seven security flaws: Permission and privilege escalations, buffer errors, resource management, information leakage, numeric errors, crypto errors, and code injection. These seven types of attacks supposedly comprise a whopping 40 percent of all attack types; cutting even one or two of them out could significantly reduce security issues in the military and consumer world.

(Image credit: DARPA)

Published at Fri, 22 Dec 2017 13:36:11 +0000

tech :