Morpheus Computer Processor Foils Hackers

Forum Moderators: open

Message Too Old, No Replies

Morpheus Computer Processor Foils Hackers

engine

4:36 pm on May 26, 2021 (gmt 0)

There's a new computer processor, dubbed Morpheus, which randomly changes its underlying structure, has proven to foil the attacks of 580 security researchers for 13,000 hours.

The hack attack was the first big test in a U.S. Defense Advanced Research Program Agency (DARPA) program called Security Integrated Through Hardware and firmware (SSITH). It’s aimed at developing processors that are inherently immune to whole classes of hardware vulnerabilities that can be exploited by malware. (Spectre and Meltdown are among those.)

[spectrum.ieee.org...]

iamlost

7:35 pm on May 26, 2021 (gmt 0)

The fundamental idea of Morpheus isn’t new, however the University of Michigan team made it real: they encrypted memory pointers. Actually the address space pointers are ‘churn encrypted’ 10 times a second. All via hardware, at about a 10% performance hit.

Of course this doesn’t stop all attacks but it certainly puts a huge barrier to most memory attacks, which tend to be the hardest to identify.

DARPA’s SSITH (System Security Integrated Through Hardware and Firmware) program is hoping to eliminate what they refer to as ‘The Malicious 7’, seven NIST identified classes of vulnerabilities from MITRE Corporation’s CWE (Common Weakness Enumeration) database:
* memory (buffer) errors,
* permissions and privileges,
* resource management,
* information leakage,
* numeric errors,
* code injection,
* and cryptographic errors;
all via hardware design.

Note: chips used are all RISC-V FPGA-based.

UM team is also looking at privacy, not just security, hardware baked solutions.

Overall quite fascinating.