16 Oct
15:00 Master's Defense IC3 Auditorium
Rowhammer-based injection attacks and their effects on aged memories
Rafael Junio da Cruz
Advisor / Teacher
Diego de Freitas Aranha - Co-advisor: Rodolfo Jardim de Azevedo
Brief summary
Bitcoin is the most famous cryptocurrency worldwide due to its high speculative value and decentralized use, eliminating the need for centralized agents such as financial institutions. The Bitcoin protocol adopts the elliptic curve secp256k1, given its high performance. However, the secp256k1 curve is recognized as weak because it cannot provide simple, efficient and secure computations at the same time, in addition to containing sister curves, twists, considered insecure, which may make the protocol susceptible to invalid curve attacks. Despite being difficult to execute, fault injection attacks are very powerful because, for the most part, they can exploit aspects that are difficult to control remotely, such as temperature, voltage and frequency. Among the fault injection attacks is Rowhammer, a software attack that directly affects DRAM memory, inverting bits due to a large number of consecutive readings. In this work, Rowhammer was used to inject flaws in the implementation of the curve adopted by Bitcoin, aiming at subverting the protocol and extracting the private key. In addition, it was observed that the proposed attack is capable of affecting other elliptic curves and other protocols that use the Elliptic Curves Digital Signature Algorithm (ECDSA). Finally, it is conjectured that age or time of use can induce problems in DRAM memories that allow Rowhammer attacks. In this direction, a study of artificial aging of DRAM memories was started through heating using resistors and voltage changes across the motherboard. The resistances allowed experiments with temperatures above 200°C. As a result, the existence of a safe operating range for DRAM memory was realized. Reading or writing failures could be observed from a certain temperature and voltage. Furthermore, a maximum temperature and voltage threshold was found, after which the memory became inoperative.
Examination Board
Diego de Freitas Aranha IC / UNICAMP
Bruno de Carvalho Albertini EPUSP
Julio Cesar Lopez Hernandez IC / UNICAMP
Lucas Francisco Wanner IC / UNICAMP
Marco Aurélio Amaral Henriques FEEC / UNICAMP