Fwd: [Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack"
Georgi Guninski
guninski at guninski.com
Thu Sep 1 22:39:07 PDT 2016
----- Forwarded message from Jerry Leichter <leichter at lrw.com> -----
Date: Thu, 1 Sep 2016 11:33:16 -0400
From: Jerry Leichter <leichter at lrw.com>
To: Cryptography List <cryptography at metzdowd.com>
Subject: [Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack"
X-Mailer: Apple Mail (2.3124)
"We introduce Flip Feng Shui (FFS), a new exploitation vector which allows an attacker to induce bit flips over arbitrary physical memory in a fully controlled way. FFS relies on hardware bugs to induce bit flips over memory and on the ability to surgically control the physical memory layout to corrupt attacker-targeted data anywhere in the software stack.... Memory deduplication allows an attacker to reverse-map any physical page into a virtual page she owns as long as the page’s contents are known. Rowhammer, in turn, allows an attacker to flip bits in controlled (initially unknown) locations in the target page.
We show FFS is extremely powerful: a malicious VM in a practical cloud setting can gain unauthorized access to a co-hosted victim VM running OpenSSH. Using FFS, we exemplify end-to-end attacks breaking OpenSSH public-key authentication, and forging GPG signatures from trusted keys, thereby compromising the Ubuntu/Debian update mechanism."
https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf
-- Jerry
_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
----- End forwarded message -----
Does Rowhammer work in clouds? According to the popular story it
affected only laptops.
More information about the cypherpunks
mailing list