RAMBleed Attack Can Not Just Alter But Steal Sensitive Data
Researchers discovered a new security vulnerability that affects the confidentiality of data stored in computer memory. This enabled them to successfully extract a signature key with the usual user permissions from an OpenSSH server.
Nicknamed RAMBleed, this attack is based on Rowhammer’s vulnerability and can be used to break the promise of secure storage of RAM modules; even those containing the ECC mechanism (Error Correction Code).
Rowhammer began as an experimental study that demonstrated the isolation of the information loaded into the RAM. As the memory modules became physically smaller and their memory, larger, the space between the internal cells became shorter. Thus creating the possibility of electrical interference that could alter the bit loading of the memory.
The researchers said in a document published in 2014, that repeated reading of the same address, the adjacent data can be corrupted because the bits went from 1 to 0, and vice versa, a process called a bit switch that modifies the data.
Modifying the info.
Basically, RAMBleed works on the same principle, but unlike Rowhammer, it reads the information instead of changing it. This makes it better for data theft. Another difference is that ECC memory is not a valid solution, unlike some Rowhammer attacks.
“Remarkably, RAMBleed can break the memory confidentiality of ECC memory, even if all bit flips are successfully corrected by the ECC mechanism,” say the researchers.
In a RAMBleed, the bit shift depends on the orientation and the value of the bits above and below the destination bits, which an attacker cannot access, this finding is according to the Academics from the University of Michigan.
To know the value of a secret bit in a victim using the new attack method, an attacker must map the memory and find a bit that can be moved with the same offset as the secret in a memory page.
In the above scenario, the attacker controls the two activation pages, next to the secret and can access it several times to attack the middle row. If the secret bit is 0, pounding causes the bit of the sample page to flip. Otherwise, the bit is 1.
Performing the process again with interchangeable bits in different memory offsets reveals all the bits of the secret data. This method has achieved a reading speed of about three or four bits per second.
“We note here that neither the victim nor the attacker access the secrets in any way, but by accessing the line activation pages controlled by the attacker, the attacker uses the victim’s data to influence Rowhammer-induced bit flips in their own private pages. Finally, the attacker directly verifies the sampling page to see if the bits are flipped, thus deducting the victim’s bits. As such, RAMBleed is a cross-address space attack, “the researchers explain.
Stealing an OpenSSH key
Demonstrating the effects of this attack, the researchers were able to read an RSA-2048 key on a server running OpenSSH 7.9, the latest version at the time of testing. The current version is 8.0, available from April 18.
The success measured a rate of 0.3 bits per second and an accuracy of 82%. To obtain the complete data, the researchers used a variant of the Heninger-Shacham algorithm to retrieve RSA keys from partial information.
To obtain the secret information, the researchers developed a method called Frame Feng Shui, which allows them to place the pages containing the desired data in the desired location in a frame of physical memory chosen by the attacker.
RAMBleed received the tracking number CVE-2019-0174 (base score of 3.8 out of 10) and was tested on an HP Prodesk 600 machine with an i5-4570 processor and two Axiom DDR3 4 GB 1333 MHz without DIMM ECC (51264Y3D3N13811), running Ubuntu 18.04.
Although the system uses DDR3 RAM, the researchers say that “they do not suspect that DDR4 is a fundamental limitation, assuming that DDR4 retains the property that Rowhammer-induced bit flips are data-dependent.” This conclusion is corroborated by the fact that Rowhammer-based bit modifications in DDR4 memory have already been demonstrated.
However, Intel says that to stay safe from this attack is to use “Rowhammer-resistant DRAM modules, this includes most DDR4 DRAM modules.
Defense options
Preventing a RAMBleed attack is possible on systems where memory encryption is active. This can be achieved when the Trusted Execution Environment (TEE) feature is enabled in the processor.
TEE as Intel’s Software Guard Extensions (SGX), ARM’s TrustZone, and AMD’s Secure Encrypted Virtualization (SEV) is secure enclaves that enforce encryption in the memory they work with.
One way to reduce the risk of this type of reading attack is to clear the encryption keys from the memory immediately after using them. This reduces the chances of learning the secret data because RAMBleed must remain in memory for at least one update interval, which is 64ms by default.